beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On December 07 via manual (December 7th 2020, 9:29:25 pm UTC) from US

Summary HTTP 186 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 56 IPs in 10 countries across 49 domains to perform 186 HTTP transactions. The main IP is 2606:4700:10::ac43:e6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 57	2606:4700:10:... 2606:4700:10::ac43:e6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	89.187.188.228 89.187.188.228	60068 (CDN77) (CDN77)
1	151.101.114.62 151.101.114.62	54113 (FASTLY) (FASTLY)
1	143.204.55.6 143.204.55.6	16509 (AMAZON-02) (AMAZON-02)
1	146.20.201.92 146.20.201.92	27357 (RACKSPACE) (RACKSPACE)
1	45.79.195.246 45.79.195.246	63949 (LINODE-AP...) (LINODE-AP Linode)
2	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700::68... 2606:4700::6810:8646	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	192.232.253.205 192.232.253.205	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2401:c900:110... 2401:c900:1101:143:9::e	36351 (SOFTLAYER) (SOFTLAYER)
5	2a00:1450:400... 2a00:1450:4001:81b::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::681f:5aaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	162.241.30.109 162.241.30.109	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
1	64.202.184.137 64.202.184.137	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::2e0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:6800:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:44a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
21	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::681b:80dd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:8400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:ea00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.121.118.243 3.121.118.243	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1 1	23.8.15.54 23.8.15.54	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.24.15.122 184.24.15.122	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	35.157.13.31 35.157.13.31	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.148.154 193.232.148.154	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	52.17.171.52 52.17.171.52	16509 (AMAZON-02) (AMAZON-02)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
6	52.210.180.12 52.210.180.12	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	52.217.71.92 52.217.71.92	16509 (AMAZON-02) (AMAZON-02)
1	104.28.13.9 104.28.13.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:819::2010	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	207.55.249.212 207.55.249.212	17054 (AS17054) (AS17054)
1	192.124.249.6 192.124.249.6	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
186	56

57 2606:4700:10::ac43:e6e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.188.228 (Czech Republic)

ASN60068 (CDN77, GB)
PTR: unn-89-187-188-228.cdn77.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.62 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.55.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-55-6.osl50.r.cloudfront.net

hub.umd.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.20.201.92 (San Antonio, United States)

ASN27357 (RACKSPACE, US)

www.mackinac.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.195.246 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: rumormillnews.com

www.rumormillnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.72.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

justusaknight.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8646 (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.232.253.205 (Houston, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-232-253-205.unifiedlayer.com

www.kcnonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2401:c900:1101:143:9::e (Singapore)

ASN36351 (SOFTLAYER, US)

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::681f:5aaa (United States)

ASN13335 (CLOUDFLARENET, US)

lisahaven.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

specials-images.forbesimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.30.109 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5924.bluehost.com

www.ournewearthnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.184.137 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-64-202-184-137.secureserver.net

www.milwaukeeindependent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a3::2e0b (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:6800:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:44a1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::681b:80dd (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:ea00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.118.243 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-118-243.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.15.54 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-15-54.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.15.122 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-15-122.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.13.31 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.154 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.171.52 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.210.180.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-180-12.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.71.92 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fw-d7-freedomworks-org.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.28.13.9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.shtfplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ci5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

zh-prod-1cc738ca-7d3b-4a72-b792-20bd8d8fa069.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.55.249.212 (St. Petersburg, United States)

ASN17054 (AS17054, US)

www.panthersgab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.6 (United States)

ASN30148 (SUCURI-SEC, US)

www.nowtheendbegins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	beforeitsnews.com 1 redirects beforeitsnews.com	1 MB
21	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	254 KB
19	youtube.com img.youtube.com www.youtube.com	504 KB
14	revcontent.com trends.revcontent.com cdn.revcontent.com images.revcontent.com	348 KB
11	googleapis.com fonts.googleapis.com translate.googleapis.com www.googleapis.com zh-prod-1cc738ca-7d3b-4a72-b792-20bd8d8fa069.storage.googleapis.com	167 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	62 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	ytimg.com i.ytimg.com	278 KB
4	bitchute.com static-3.bitchute.com www.bitchute.com	102 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
3	google.com translate.google.com www.google.com	2 KB
2	w.org s.w.org	1 KB
2	amazonaws.com fw-d7-freedomworks-org.s3.amazonaws.com	53 KB
2	lockerdome.com lockerdome.com
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adhigh.net 2 redirects px.adhigh.net	933 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	google-analytics.com www.google-analytics.com	19 KB
2	rddywd.com rddywd.com	1 KB
2	kcnonline.com 1 redirects www.kcnonline.com	46 KB
2	naturalnews.com www.naturalnews.com	1 MB
2	wordpress.com justusaknight.files.wordpress.com	1 MB
1	nowtheendbegins.com www.nowtheendbegins.com	36 KB
1	panthersgab.com www.panthersgab.com	145 KB
1	blogspot.com 1.bp.blogspot.com	8 KB
1	googleusercontent.com ci5.googleusercontent.com	129 KB
1	shtfplan.com www.shtfplan.com	7 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	contextweb.com bh.contextweb.com	406 B
1	lentainform.com cm.lentainform.com	559 B
1	idealmedia.io cm.idealmedia.io	555 B
1	google.de www.google.de	107 B
1	consensu.org c.sharethis.mgr.consensu.org
1	googlesyndication.com pagead2.googlesyndication.com	46 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	shopify.com cdn.shopify.com	314 KB
1	milwaukeeindependent.com www.milwaukeeindependent.com	81 KB
1	nyt.com static01.nyt.com	281 KB
1	ournewearthnews.com www.ournewearthnews.com	45 KB
1	forbesimg.com specials-images.forbesimg.com	76 KB
1	lisahaven.news lisahaven.news	803 KB
1	tapnewswire.com tapnewswire.com	19 KB
1	rumormillnews.com www.rumormillnews.com	699 KB
1	mackinac.org www.mackinac.org	340 KB
1	umd.edu hub.umd.edu	252 KB
1	gannett-cdn.com www.gannett-cdn.com	38 KB
186	49

	Domain	Requested by
57	beforeitsnews.com	1 redirects beforeitsnews.com
18	img.youtube.com	beforeitsnews.com
10	s-img.mgid.com	beforeitsnews.com
6	images.revcontent.com	beforeitsnews.com
6	trends.revcontent.com	beforeitsnews.com trends.revcontent.com cdn.revcontent.com
6	cm.mgid.com	jsc.mgid.com beforeitsnews.com
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc beforeitsnews.com
5	x.bidswitch.net	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com
5	i.ytimg.com	beforeitsnews.com
2	zh-prod-1cc738ca-7d3b-4a72-b792-20bd8d8fa069.storage.googleapis.com
2	s.w.org
2	fw-d7-freedomworks-org.s3.amazonaws.com
2	cdn.revcontent.com	beforeitsnews.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	px.adhigh.net	2 redirects
2	servicer.mgid.com	jsc.mgid.com
2	www.google.com	beforeitsnews.com
2	www.gstatic.com	translate.googleapis.com beforeitsnews.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	rddywd.com	beforeitsnews.com
2	jsc.mgid.com	beforeitsnews.com
2	www.bitchute.com	beforeitsnews.com
2	www.kcnonline.com	1 redirects beforeitsnews.com
2	www.naturalnews.com	beforeitsnews.com
2	justusaknight.files.wordpress.com	beforeitsnews.com
2	static-3.bitchute.com	beforeitsnews.com
2	fonts.googleapis.com	beforeitsnews.com
1	www.youtube.com	beforeitsnews.com
1	www.nowtheendbegins.com
1	www.panthersgab.com
1	1.bp.blogspot.com
1	ci5.googleusercontent.com
1	www.shtfplan.com
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	bh.contextweb.com	beforeitsnews.com
1	cm.lentainform.com	beforeitsnews.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.idealmedia.io	beforeitsnews.com
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.google.de	beforeitsnews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.mgid.com	beforeitsnews.com
1	l.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	platform-api.sharethis.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	www.googletagmanager.com	beforeitsnews.com
1	cdn.shopify.com	beforeitsnews.com
1	www.milwaukeeindependent.com	beforeitsnews.com
1	static01.nyt.com	beforeitsnews.com
1	www.ournewearthnews.com	beforeitsnews.com
1	specials-images.forbesimg.com	beforeitsnews.com
1	lisahaven.news	beforeitsnews.com
1	tapnewswire.com	beforeitsnews.com
1	www.rumormillnews.com	beforeitsnews.com
1	www.mackinac.org	beforeitsnews.com
1	hub.umd.edu	beforeitsnews.com
1	www.gannett-cdn.com	beforeitsnews.com
186	67

This site contains links to these domains. Also see Links.

Domain
www.herbanomic.com
db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net
mitocopper.com
385a4q2phm29q253111yhgum3n.hop.clickbank.net
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net
6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net
www.fincabayano.net
polaraidhealth.com
69b3d4-ogey4faauklimid7y6d.hop.clickbank.net
www.braintuner.com
trends.revcontent.com
widgets.mgid.com
brainberries.co
telegram.org
t.me
tinyurl.com
9e214utfcj2ajb49ok-kxh5m16.hop.clickbank.net
www.5starshine.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
static-3.bitchute.com Let's Encrypt Authority X3	`2020-11-24` - `2021-02-22`	3 months	crt.sh
usatoday.com Let's Encrypt Authority X3	`2020-10-13` - `2021-01-11`	3 months	crt.sh
umdtoday.umd.edu DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2021-09-16`	a year	crt.sh
mackinac.org R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
kcnonline.com cPanel, Inc. Certification Authority	`2020-11-13` - `2021-02-11`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
n2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-16` - `2021-06-06`	9 months	crt.sh
cpanel.ournewearthnews.com Let's Encrypt Authority X3	`2020-10-18` - `2021-01-16`	3 months	crt.sh
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
milwaukeeindependent.com cPanel, Inc. Certification Authority	`2020-12-02` - `2021-03-02`	3 months	crt.sh
cdn.shopify.com Let's Encrypt Authority X3	`2020-11-12` - `2021-02-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
cdn.revcontent.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-15` - `2021-02-13`	3 months	crt.sh
images.revcontent.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-15` - `2021-02-13`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
nowtheendbegins.com Go Daddy Secure Certificate Authority - G2	`2020-02-23` - `2021-02-23`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 70AFE7776114C448235F70864E16710F
Requests: 171 HTTP requests in this frame

Frame: https://www.bitchute.com/embed/xlmCvOqhPHdw/
Frame ID: 4670F35D7F25EB0B9B3F3B3D8C1A50AD
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202011721
Frame ID: E6DDD3DA47C1A997C43B923FE733A630
Requests: 5 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202011721
Frame ID: 39F20D2DB5DC94E135321133F11EED90
Requests: 2 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: C25FFAFE0F6CEA1EEC1DC1219B9C7B84
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 20019A8D62C2B7C3AA30502E9611CF4F
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: D4FB6509BB4DFFE67EAE4FBE6A4B8489
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1607376545314841427900
Frame ID: 5BE7C6FBE379F9BB3890747452BFD833
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: AA30E0E1A2EB74D95E77A9F20304B4A0
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 519D517B8EFF983453380E65871C5DAC
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 0143BF24F05216E9BFAC2E1FBFA9E3F6
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OMSDhEhKOHE?rel=0&autoplay=0&mute=0
Frame ID: 233CBF5EE4E6E91335B9D1AD5409C831
Requests: 1 HTTP requests in this frame

Frame: https://www.bitchute.com/embed/xlmCvOqhPHdw/
Frame ID: 624487352CD9DB1C76F3D15EA08C36BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

186
Requests

98 %
HTTPS

48 %
IPv6

49
Domains

67
Subdomains

56
IPs

10
Countries

8873 kB
Transfer

10191 kB
Size

7
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomic.com/productdirectory
Title: Shopping

Search URL Search Domain Scan URL

URL: https://db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net/?tid=BINRTL1
Title: Finally Revealed! Scientist Gives The Real Cause Of Weight Gain! See Video

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/detoxadine-organic-iodine-supplement/
Title: Your Body Cries for Iodine! Here's What You Don't Know About Iodine and Your Health!

Search URL Search Domain Scan URL

URL: https://385a4q2phm29q253111yhgum3n.hop.clickbank.net/?tid=BINBNR

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/herbanomic-fulvic-humic-complex/
Title: Deep Sleep - Energy - Vitality -- This Trace Mineral Complex Will Change How You Feel

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: How To Easily Manifest Anything You Wish Using Quantum Physics

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net/?tid=BINPTL
Title:

Search URL Search Domain Scan URL

URL: https://6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net/?tid=BINRTL1025
Title: Learn How To Manifest Anything You Desire In Life. Click Here For Proof

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/androtrex-male-vitality-booster/

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/
Title:

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/
Title:

Search URL Search Domain Scan URL

URL: https://69b3d4-ogey4faauklimid7y6d.hop.clickbank.net/?tid=WATERFS_BIN_EMAIL
Title: ALERT - Try This New Tech and You'll Never Run Out of Clean Drinking Water Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/
Title:

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=yZwMancRmrABuQzCL2tWr98XYe5p6vyVqywpWrfJXYd59S%2FZxyPCUSx4p9%2BJX73snScO83wn7P4UECWg0plrsZXaWaX5PJzz6xN3ZCdh5ZGToZX%2FDs5eWviBpRbeeeAQRHv9XE1lYGmzLVv%2FXb9WXSA96OE5TKNpW%2BjcrlrFFD%2FPXhPAYzZXqy5y4qUT8BDv4M4VdQ9eDKLiOIW4IVuuKhH95m9ozBM1OOAFuL6Pj0lhevfIsHA%2BtTHq26tbbxS2Y%2BAu2NLH%2FKNbuBwbT2rqe2%2FRmKZlVfrgbfq5uRL6X1Aj5c1z%2BsvG1YXeIstcVF6CdSiNYY1DgksKPfoMYKjYF05a6RNsAg3GlRqHcy5jWDwQWYVofeFFclW4pJpuaLiLXuZ6SvNon8bcE%2BHHtpUKCDVLN%2Buhx%2BV37Rj%2BH0ZM5Q0iE63dizdOMcDCEmabIR6tczdbGTOW03%2Bv%2Bqh%2FVMt%2FSj4Rob6pMiui9GEoOk%2Berm25RVd68oIe4nGoC3xv0OkzBR3v9QpjiVw4uYV1TZisUXmklm3996Oj6rEbRruNA8cudb2pY%2F4wIZM0Mq5OASqk8dPFUaHFXfdbtF%2F7auq2ihf57VOs0ICq91EdJCV%2BbVpaev8DIvY%2Bkr%2FaI%2Fbf49XD1Z%2FgDkvBTV%2FlJBhNiPskpddcwWaiqG5CzHEqrusoJhuxprTV4y0XnxD9i81UNv3R5zEOdlKE63LJ1EZ62TFcWmUrD%2FxlrHx9Dljtbx1wbNHHwlAKa4%2FkhAAbhhMydOKrIPLVTR1SY0xatNTIyJfPbb6%2FoypWlY10u7A5W%2FDv4HrS0c1fzUrg%2F2aU46kjDog1EszaTkmdeoo0sPEyL99SkzhoZn90T0tGECQcpSut1krMfNwY7Vi0xOLfrXDY2aVqVABXCnGMerp9TLBQisAmMGkX01oicJP%2BcrlFaehk%2Fx1wnO3oFBXsHeGH2sULQU9cEwDVpCV%2FOyPjnmUZgorP59ymzvyODI1tCuq2FImJ5VSjcwJkop%2FgKD227SL%2Bqd93IiAR6x03FcboEmQq0gnS5Imq5%2FJZ4pGDWQRmq8EDdEN3%2BuyPP260kNXqncSyd1HsFrRv1KGtPMZglQ%2Fn%2FWTLN2%2FcjwBY6B5zZj0KLG8Tm8wVjfEt7xg0d5ULInzL1f6yppqIPUDbEdVv9qPsgOVGR00auOS%2BTSFYPoJGBBhx6nUYx92xSoju43bwOnZL351Nj1H%2BfPXqrDCtoICurREpOW2yJ4AhEK%2F6W9D5EPARgJpplztK3jhNQDph1%2F5%2BKyLc&s2s=1
Title: Anyone with Ringing in the Ears Should Watch This (They Hide This from You)

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=AZ1lGy4DfG9aJwJNGnRhYG%2FbJGytUeS4LCSPkbke2Rc5e8lbWx3ZuM1UXiEpMEjBxb6yrYgt3mp1CVoiYAqysXGccKm6eFW%2F16ZdxUCMzn9cSrj0apLUUk%2FPlpKma1rpeYQVgghdJhlVn1SdhHuLdcqAqhIprmgu07bLZdKvEQ%2F64kQjwrfrY24pAMo%2FHg%2F9s%2B4ZiXccbz5XAiucAWiH1TXvG30EBypOakpsflOVM7BF6s%2FVqIdjTa4blIXtc9NjB4YAFLlHjApkV6iTLMCs1Zj4X0FOMgdKayjQIGKLSj68JiieI%2FsgGIX63ctidbQbqkbcj73uwUNFelDt6nOJk6Nfpej4bNqXGZmtZS3dMe3zNBb20kiM%2Be%2Fd4RqUNGo7xdYD193NF1Ln7flxJVzd8i1ZpWAr9hEF3tap%2FpMemVx3SCrxmKE%2B30gwSO3hlXqKaLd5J40JAK3yFgOdN8%2BJqsrD8r902HYxaUMUVs54luaCkxI4twhu%2BnV1ILn8BEaN14bGWYEhTcGbygWzfWWBNnjk1KRDOD%2B%2BAVGap23xvleThFXUWFB3V59L7LLGrfp9vKPzTgTPmnniR%2B5tmLsF65IeX3uBR%2FaYBAaPyWvFiCPg8Hw4zpb47i0nozo8A2GdLYfk5fkX6GCxsUi5wI%2FSsvHYZGZBf%2FRCgzqIrmj1MJ1C4eqJ%2FYVPVWA5nrIGieKqZd3UsomusLvBFNOpH4nU2k%2B5XN2ABTsBQvbogAHMforVJW33DJrI%2F5cOFCeH5th5jA8bgA%2FT5Tg9OsXkjglPrd4cYgr0Ms2OyjR%2BX1%2FKk%2BuaYE7KJUvRARP2aVRy0pBRgWeQL4DE20%2Fb7b%2BX3%2FOXBd%2BFe3ZrXDHlU0AWbW0bsOAZAxNLBi%2BqbCqcdkURU9WEM34GWfYKvJPFzmOYGg0gfCtbLfY%2BmLsjz94PvAdSIWmk66GNHrfLbY8skOOITThyO47UbF7I6LnRVM8qT2G50TyllAD%2BCMkrxgE6X1%2B8liFExZYYJdvZ5%2FVgbuekcKF0j8OeX7aIpfVdXM7qwpfgbsb5pptR6anSnFV0UrfN4C0bCOauhXsv9SCd7YmNZqE3CzSA%2FSLeWQ8Qo7HEC5ZuTY1A7LxmPnm2x3GTqyYIj6p%2F%2F60wjOSUfX7tL8PEq%2FKkuHUPEQXsX8z67RcG%2FgUgcOooEMgOTaP1kDwCPEl5Mx2w1t8Fw8rU8dJowBlju1keQ2vF7w4pm39rJh7ERYDL1knyg7ZlN5ax6YB9kz0NhgA%3D&s2s=1
Title: Doctor: if You Have Tinnitus (Ear Ringing) Do This Immediately!

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=99hCKsrOw%2BEkAkcVU72eShshd6i70KF6mgVlckTaObfDDrJhE%2FtUXEGDm%2Bwxx4ltAEHC0Bo2LIlB0SgMXeaBIufy1R4jDWKnGXFO54uGrUzTfgrNfoic%2B90lhDv4ZdjopD6v%2BT1ViuB0535wfwz5siPG5oZdJMiRluBzl%2BUW9TJCHI3uHtyJj04bYugc87b52geY1caQfidSgTDml6uxSwTvHkNVZvdgzSR%2BuBhXQK24DlZzOfREtecTp4IiKVVFSXwAEu0SDN%2BTQkyJFGMi%2BTjagrOHZc4CByE11DO38PsbkIvl%2FnbqO3e8XCzJwlbQXOTETlXAwH3v8JkRwtro%2FQZUoWhF3EQXYGWMTvQkpgxEPAMz%2BBaPdS3YeyqfIZj%2FG5WVwzbqJ5ljKRlqO8LNAoATDbG4DAeE18amSH2JaYg2x7eO4%2FkbAxVNK91MevCGP%2Bvssw1MZ9SSXKGKiiatNAg1lctG6YjFHG7lb51a7elUmPWoeewYfiESt4lmhnlIK%2FcqeS3EMO7JxZJ6YxRJIEItKlysPavk%2FV7uIbbcpUF%2FtWbdnbsNhWUrN4VEM8QOSmhragzE2XDuyXlmi3JX1b9md3TOYm7bNHW40iaFPlSGoBDCnH3cTfRZpFpJefkccRKH2DjD1BfcHnb6EWXNiajEG%2FYlzMB8Q1ZIZuNm9FGNvKM9S1UBIwJMZjSTHEc8rl6tQvniYJrRytU%2FNsx8XXs6JjGtto6OHaBBKh3%2FMUhfvcbA%2Bjn9FbsQmGBhUF0BjNIfIILfj54fMORUTBHGqPVrmL%2FixZOX4ALSVK0G4hwTC69D21ZCOM%2BWkDvneTDwmQiYYioG2QLKOmXlSMaIjYDUED5ERIq6KVo%2FarnKUnUamJRhbxz71gss1zEyMPVGpORye%2FvQ2UekCFiwkHD6192G%2FaPss1FSa%2B4q3VTJFCAxftYihibTJKqYszn0V5PdbcDb7vZjQ5vcIsn%2FiKJOO%2FWj02Z5AOWJQRp2j0YtMIPtXhNRxH7gJ4lhXoZ%2BkWnABm%2BYvJrYeB0FFpe2OkHF%2BYiOtjUVZAazHaJ%2FgncjlG9HhM7CSW77gbWnuFMXajQkh5q%2BTNr6irq5yw9%2BvPw%2BqP%2Fvr%2F6tJKkeBg4Cu%2FqIk02Vojv2a%2FK89%2BPsAOsayNUWJNMz%2FJeRDwTQB1SVVEPoTw%3D%3D&s2s=1
Title: Fighting Diabetes? This Discovery Leaves Doctors Speechless!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/top-9-most-bizarre-places-to-get-married/

Search URL Search Domain Scan URL

URL: https://brainberries.co/culturearts/a-real-mini-art-gallery-for-7-lovely-budgies-by-rebecca-keen/

Search URL Search Domain Scan URL

URL: https://brainberries.co/funny/the-funniest-prankster-grandma-and-her-grandson/

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/the-top-10-highest-paid-football-players-in-the-world/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/oxy-powder-natural-colon-cleanser-120-capsules/
Title: Try This And You'll Lose 15 Pounds of Extra weight in Your Colon! (VIDEO)

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Tiny Self Defense Tool Drops a 270 Thug In 2 Seconds - Get Yours Now!

Search URL Search Domain Scan URL

URL: https://9e214utfcj2ajb49ok-kxh5m16.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: Is This “Fat Blaster” Brain Molecule The Key To Shocking Weight Loss?

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=qE0dzXH4FDOzBaPNqrl8olyUuDLO51VlIgDFPKYRkFFrymS2ThEUHt4Q4DQcDP1K1Ef%2BzrTNm7GNd5dvuaS4P%2FhAyyNFuAnwOYPvE%2BW1hwvDbEjSaMyy%2B%2Fi4JKO8Y4vq4Y3xsPv94kSrq9oSM2llmbkqdTMbe4WtAuBMTDGgJtlhs%2Fi0a4PRMJx3f7%2BQHab7Y0zzZh1c%2Fvny%2BI21wDo%2BvnKK%2B1roTGJ6SjvUYPhaeGNE6R5UWxHoWjKfd%2FwVBFd5zQ4zHbXjSpJgBQHhc1Ip081YGywopPsP8D%2F7PAcfFGSpew4KuSCYJWWOwS%2Fxmh1ehQnB1MWjA3qdojMmdb0wHk1T6HhdbGacKyUnYleW%2BVDkuEa4gEn9v3At%2FtMOUS5BNO6ygy2LMQTA3za%2BATRWuS2DHqD%2F%2BqwUr5vsRuItWeM3QPPiWWaVz6DE3stMtngrLcUt0JX8kcvI%2BySfwwPZ9SSKt99SsIY4YmXsWSup72LKpk7zvSZAzoi%2FimA%2FucIgPPANWg4PAc4CObnxhuWdnCHsemN6VS7OtTSHFDxFmjDDlHSvctWmo3Bs5BopitEhnQW3jZljxAwzbwx%2FycwnHYVfMo4kDYkc7ozfqm7AMvVuVWJ1FlDN%2B5f5QmiEPw%2BIxmaw15fvyXEdcjT9YUd1b4yNHihjQpW159wKN433hBsOiCBacz2dxxErFuAaPj%2BWsxYJxj9OEccsN8MxwtGJx%2FKd%2B%2FCt8P7pIXugKkRwJn0p%2BGxaekAAiD934hTEP17CL2epA2z4v93A1FSYNkbkA5TWCy4yQOyPyzkDFBnmgmWmy3RS8T6N40WOPP934c5k0ixEOmvNYlYGdAy%2BkK02mq0tzIWvURgrRQupJ%2FgSeHUTAQwxca0Ruw5X4ile7PJfpzeRra9YkQYFdl1lOrI24WNn1TIpV3hZ6kiv3KYimnJJbE%2F6XS9WDnz3mFffa8eGXK4UE791dJP4yRQeapFsu6AmALk904pQyJ9AKwu9rzwZ8SzZolTJYS05iImRlhS%2B%2FyOQ4Zmzn9p%2FETIhoV2CJBCnvWI4y8JSnAAKR5et9aIv1fw3kZaZkhOcPGGeBnO5RleIRmX31xlBb%2BrG13zCANwxGlmZRis8K7E7LlJdPYYc6AD7ZFbocv9B4tRI1jWpk2xOPuORx%2BlDgikWjiTi4LyRBrHPwuRX733E%2B2adkFiCaalFYsMq%2Bv2BMB7U0xMATpAYBEdIZiJp3RdMe733Hk5qFB7Mt%2BcILBq0ZYsIUO2%2BL4wDDnNs5p%2FVKFvZEJMz&s2s=1
Title: Anyone with Ringing in the Ears Should Watch This (They Hide This from You) Health Benefits

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=1knTHs1gzYUogPQb2ZTHH%2BBkNTufhClTfqNGC9VFv4sI9609vDWBRa9MZ8G8Z6d1EhDuiGVXhmWJsH3hA7KS0p46693YSxdwmwR8Qtuy5Zx%2BCSra9tAnLMiSJSg%2FFC9S2vG7kBU2i8oVRDdw8T0%2FFNEE0K6cJcExGxiwKW0iiAyAaH%2Fo%2Bx56zML1I%2FE1F4%2FoyOoztIL9h8TJSK7AM%2BJ%2FAWFVYvR6wBPMrQX1tbUUM8zruSPvqaQ%2BPYOVPFqAvXaLYKwDgMAVas6vzGorPXPzCz4KoQ7T9vVv3YsJBuYEmvbvavona7XsZ%2FX4xD5mqnmzFD7BBB4F15VhyG%2BnkSg3S9IgT0dv6ZLmrBMSRgClDINH6%2FC8rmJBwpfEHYn6DnbAcuCGl5WYaJb8ksMGZJtD6cgl0W1ZNVZpBwoVsHj4FKMqre87O7rAVtwpOsYWMoA7FcqU0z%2FhcrTR4UqLJ9AgbQmb987ZjJbVN4jMyk0%2FWwv5D2vnt9dWfT0RKl9EcEd8Q47y4qkzDYAcZaesYFoNpbN%2Bz9FDj0wmZYQNv2Yq5hpDrS8Eh%2FN2Nx62WGlqsKfiohvArurWiRK2%2BjeMfUQeNyMNIFQX0Z56RxA7gejs3LCTYNLOSjj56P1ZDN%2BRuiy38%2BBMcEV%2BgehHvq%2FJg56yHPQrQ%2FYH6T7yMSsNXv%2BOY%2BqlKvHKdPQrzFKGYkM3oGU9bGaV7U1GPt6dWQf7UnKzvD7L0UOigO4VmwYKB3HYXXWVesuswrqIPVc3bvdn5nvCTsiFnpTO47fIbP6sqJS472m2t7vmzm9D1fNwL3WC2L8Vr9JHaiy3arqSDvRECTwm2yqJOU9EpDYX%2FMQNPvgo0ypLwqyEGWvco2Ri0mx3slxEgGmtAYxsq4wSEofpqHXDiS2wkCYc31ZzyOs2EfqsGjBzExWEs0buIyJDfnEx3J1bTMNPn%2FzJMVlHKnnvJFgucBX%2FxW6iSOFohNxMkMl2uiSGSJ8%2B7wKJmnnRTCFByWzCNvJB4yI00WQtgGs1r8yLIUL2nH2sHMjLYBEoRkoesI%2FTvSiCT%2Fsx94n%2BQBI03UrxMYcrDsH0qQdD5cJEhnBVFG3qdla9GgzxpHgC6P3jA6RzYLi4nSapZppzRaBSw6e8uH%2Bx5Nn4%2BtCY6m09mn3dg2Q8DIo7H0SDFQUJOPL6bw%3D%3D&s2s=1
Title: Fighting Diabetes? This Discovery Leaves Doctors Speechless! Blood Sugar Blaster

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=KbGdBk6VJq6m9Ktkg3CIZxpDbxKVlJKd3UjMR6B8YxMiAkS94pkPhwTIuwlMnbI8peYHdEKMsJsjnAgoEFA2hBRw5h050%2FiJ2xn2CAfn%2BJFXRAKXlkgokoJUsLZBJrbWnMxwBaKQfrusNCjKTQ2m8anMaDwt1CSPFSOQl8pA40hiTq5rn2oMrvOFYNyXgNIR4mtgw3RD44qDYvKROJJq4bV7JRVEZUrlWXh2Vl%2Fo2JSGsjbu6Cix136VRMLpDLpKICSAD2ly4ajGZZ5rWLIiyEwgvHv20qDWMEWDwz78SnH63pBzDOT0diaz%2BqmkUNHkMEPu0%2BtbOVZ2mHtSx6bN8mgA3N7Yi%2FJ831l1eIlZwcGu7FwsQUWK1Xqe5KRPwVS6jXfZ%2BkfDvNoZ6fdee%2BVZPb1AXK4DjmdhkPzRgWGZbXQA7GO2dp97Or3DUrazuyljnGhf2Ox4UTM2h5on7Xl2uCEpMkzL%2F8orwlbZlesuOxiWuCpsl4AAw1nFRpnrG7vcNtao43R0zPbe4v2z7W9%2BbmIT4M%2FhwAxIVlbn9G3nM68UdnFn4CAuqOlvKS9A7keCTwFl8t1BWfdGQw9SYV0RYT0VDf1bTj%2Bs3yUDuSKh%2FyF5WvGiuYW0uKyJggmbiSgyFYI5K6Lf69O%2BoJn9KwWAQxVsDfWUI7VnPpXL6Y8IjHJ2OSzsboYghkqUCO7B4syGfJZmzxLuX3ppvoRv36WM%2BLLFUwdKnUwd4czH7aYNpvMXKhEI4Dm4CdE9bJxX7AziamFkk5ZZCuHgIEYTzPL2BMNp6yP0iqwYGiTeKW8TbvQ6UOAHD96eYXLWgO8X8jHLc7PMHochcmgPddIiW2YtI38xsRomqpaus6JJurlAujwdT6aCcLeGBTGCdEDlB3eAYQVXiFY98l89kPuiXIQdwiN3XPjsm2%2BccK5nVvZsO9pi3yU1GPbHVVSq%2FEXg8YW3ggZjURezJ3u8%2F1pkSN%2FAg4kUnCSsTMWaXpRNxPY0zXAWdS6pt3hj1W%2FvCaeRyqKzZ5e%2BtgTIxicW7kTMdMFh4u3x6pHzu5GRCOYMwzi7GM01wPtCBQr2Nwgri3qH4EUZAbAb5Mgi7eFrr3ssSMxWb0udaJyNK2DZxJ8TKeulGffyoNgDfsJEGK%2Fe9SG0wPGw&s2s=1
Title: 12x More Efficient Than Solar Panels? Prepper's Invention Takes Country by Storm The Daily Survivor

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=f%2Bpo3%2Bp51SHOCvsx4p%2FXSJD4rhFEEYJod7eOH8s8f%2F72oNIAKFzKMrMKutgTWiUvHrTF%2BZP8wUiyhnK%2Bhk4Y9jkVrYyVYp0SleLGXiE8RG67Y99fMOJLgomJ3Ob4BOG8VZFFwBxt2vx%2BPYxbxuh2b49hSIvcdfw0KiWprPIIoH%2F6bAZxzmATnmlVpNSKQ%2F%2FszdV1v6UyojyvOTP0fOH%2FfhTZliMzu6W3gBmOkUYdL2TJfpirVdnfSBwBFLyFwvsh2rVXw%2FeTjCdd10ww9ZCCFvgi%2F%2BIuX0d6Yk7StXRFwZYSJxK2q%2F%2FgopKCZ9ZJh8AjrNdacJNXJ8n%2FYxRd9QOMsOSM4ucRH8%2F7TNbGtBFpvAgY3qj49C7nmuyum1Bh7nOcnGRlnDeL0t1COAC9P%2FjVZzCIca5zt0kwLuiw76AmBTyIUgw2TfgKRuMstyIH9YG6qajndYuvcC%2BkamEpfFDEgCBBnK%2FOcIC5j7miBErcOJVo%2FjbtaH3DDXcZbAtln0SVgFIrrEfQ5VbytdHm%2FRCU4nL9Z0fYuJEnPcGYoIcgsTmayjLR8jo74Fg%2BEgopHaznnl7JRJUiVFSMPl6bxRRWHm9DG4RxOewECib47ti9gCCZHEFc9U2p7pws7Q%2BL0EJdzwC4L4M4q%2FxU6tTfT%2FuEKdwkfQoH9TcDt0M5LRghrW4o7y2g6%2FsnpV%2B0vdeuXVpT9xRdGr7OnuI6IoUksyLj%2BTk2TihYwp2QtVu4WmpYaAY0LyNVvmYqSh8pvGLSkxiH2D4DXGd27CbCXVBt8xPNxrOA3SuUmJWMPnr14g8dAbSQHJQhhVxRY8WZhq42%2BVfDGfrEWrq%2BtL3k6P3gvKAUoA4nbd0WuTQIGjU%2F3xdnivhU%2FUQ9MN91ij0CEDQGwRt%2FIwx5PxAqG1T1wYsfEtOaIBvw7BY%2FTfArj9BUdD0pzJWECVg%2BY27QhSlECYpsg3i%2FnSCstzJuQuovpC0142Xjk86dcTqhNz87Gu5TPJ%2BsKDeMrh%2BLlQ0ZyxqXdy4QpNtdP3%2BN7sO%2FsZshmWXrovdk7btAO%2F6D5ZCljJ3jjH2CpwrIlWnVZdZuTR6IeuVNaojqyduNEUO7RvNXuS9ZKutddtt42XwDCbIOrzlH%2Fze99gFbkpWig7a7k%2BXVnYml1uUu
Title: Here's the Purpose of That Little Pocket in Women's Underwear Nueey

Search URL Search Domain Scan URL

URL: http://www.5starshine.com/
Title: Car Waxes are a SCAM. Amazing Product Repels Dirt for Years With Patented Teflon Protection!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/9-surprising-facts-about-tattoos-that-you-probably-didnt-know/

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex
Title: THIS Humic Fulvic Complex Has Provided Major Health Benefits To Thousands. (See VIDEO)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

http://www.kcnonline.com/wp/wp-content/uploads/2016/11/donald-trump-wins-692x360.jpg HTTP 301
https://www.kcnonline.com/wp/wp-content/uploads/2016/11/donald-trump-wins-692x360.jpg

Request Chain 125

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 126

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=xho63F1nFHA.AikABlF2PxvnRA&expires=30&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=d31d58dd-e0c8-4e2a-8f6a-6bdf7550c046&gdpr=&gdpr_consent=&us_privacy=

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2I3NVpCaHBOX3Rk&muidn=kb75ZBhpN_td HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2I3NVpCaHBOX3Rk&muidn=kb75ZBhpN_td&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=kb75ZBhpN_td&google_ula={guid},5&google_gid=CAESECTRQpt0fEumoygViZEM4cc&google_cver=1

Request Chain 129

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=t5GWP1XiqV8Inx0uOpPf&pi=mgid&tc=1

Request Chain 130

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=7aafdce4-8559-484d-bed0-a2463405dfaa&ttl=1609968545

Request Chain 132

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb75ZBhpN_td HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kb75ZBhpN_td HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=d31d58dd-e0c8-4e2a-8f6a-6bdf7550c046

Request Chain 170

http://beforeitsnews.com/contributor/upload/662794/images/Dr-Steve-Pieczenik.jpg HTTP 307
https://beforeitsnews.com/contributor/upload/662794/images/Dr-Steve-Pieczenik.jpg

Request Chain 171

http://beforeitsnews.com/contributor/upload/461640/images/A_Throne.jpg HTTP 307
https://beforeitsnews.com/contributor/upload/461640/images/A_Throne.jpg

Request Chain 172

http://beforeitsnews.com/contributor/upload/724569/images/Trump%20blood%20vaccine(2).jpg HTTP 307
https://beforeitsnews.com/contributor/upload/724569/images/Trump%20blood%20vaccine(2).jpg

186 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

119 KB
23 KB

648ms
631ms

Document
text/html

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69e3b1b2b041b70f196bf9082e9c232df86261311aae2dde463684fe07d650f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d652b169dd6f0c39742bc24f187fcdb631607376543; expires=Wed, 06-Jan-21 21:29:03 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s3; path=/
cf-ray: 5fe157058f132be9-FRA
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 06e0b4b77300002be9808d4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br

Redirect headers

Date: Mon, 07 Dec 2020 21:29:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 07 Dec 2020 22:29:03 GMT
Location: https://beforeitsnews.com/
cf-request-id: 06e0b4b7500000c2d61b3d2000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5fe157054f86c2d6-FRA

GET
H2 200 oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 32ms
25ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 2748229
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: AB18BC6BF0FB0D2C
x-amz-id-2: o33nsy79jaxjzlm6YbiGwCyHVKEwARoHWK/ibbFB8jKIM8eMUjnL/zr8m1IG+i0Brjh+NHXUp7g=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"165501590067c5189e81c831f77f81ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tjjN.jFT95DY_pkhk6.cTP9tpZK602Ny
cf-request-id: 06e0b4ba0e00002be909243000000001
cf-ray: 5fe15709aa8c2be9-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
712 B 20ms
13ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79ea20c2453d614642047c888d9a9abe70f74839a3ab9f6f3450441f0d6d9042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 21:29:04 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 07 Dec 2020 21:29:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:29:04 GMT

GET
H2 200 global-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/ 15 KB
3 KB 35ms
29ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb3c8e6d8177ed58739c0338a0de6acb391d0f0a857f0a351a99482061137455

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1914836
cf-polished: origSize=15622
cf-bgj: minify
cf-request-id: 06e0b4ba0d00002be92d955000000001
last-modified: Sun, 15 Nov 2020 17:34:05 GMT
server: cloudflare
etag: W/"5fb1668d-3d06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe15709aa812be9-FRA
expires: Sun, 22 Nov 2020 17:35:08 GMT

GET
H2 200 fancybox-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 35ms
29ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20201116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1914836
cf-polished: origSize=8029
cf-bgj: minify
cf-request-id: 06e0b4ba0d00002be9853ae000000001
last-modified: Sun, 15 Nov 2020 17:34:05 GMT
server: cloudflare
etag: W/"5fb1668d-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe15709aa842be9-FRA
expires: Sun, 22 Nov 2020 17:35:08 GMT

GET
H2 200 home-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/ 28 KB
6 KB 63ms
58ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20201116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca6c4dae8dc680a4595921bae7b66ab8bede58bee181a639464d14d1e780ddf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1914836
cf-polished: origSize=28775
cf-bgj: minify
cf-request-id: 06e0b4ba1400002be94caea000000001
last-modified: Sun, 15 Nov 2020 17:34:05 GMT
server: cloudflare
etag: W/"5fb1668d-7067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe15709aa852be9-FRA
expires: Sun, 22 Nov 2020 17:35:08 GMT

GET
H2 200 responsive-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/ 20 KB
3 KB 34ms
30ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20201116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ab8d3ab886ebd79b8127eb85c077b40f7c5e92fb28da6526aa421188910c793

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1914836
cf-polished: origSize=20164
cf-bgj: minify
cf-request-id: 06e0b4ba0e00002be900208000000001
last-modified: Sun, 15 Nov 2020 17:34:05 GMT
server: cloudflare
etag: W/"5fb1668d-4ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe15709aa882be9-FRA
expires: Sun, 22 Nov 2020 17:35:08 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 42ms
38ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 227148
cf-polished: origSize=149701
cf-bgj: minify
cf-request-id: 06e0b4ba0e00002be946271000000001
last-modified: Tue, 13 Aug 2019 07:42:38 GMT
server: cloudflare
etag: W/"5d5269ee-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe15709aa8d2be9-FRA
expires: Sat, 12 Dec 2020 06:23:16 GMT

GET
H2 200 global-bin-rev-20201116.js Show response
beforeitsnews.com/static/js-v3/ 19 KB
5 KB 38ms
35ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff943bf582a2b6018789b174549a271cec3f8e9eca1a0375452bc9f32d38e140

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1914836
cf-polished: origSize=19654
cf-bgj: minify
cf-request-id: 06e0b4ba0e00002be94da25000000001
last-modified: Sun, 15 Nov 2020 17:33:23 GMT
server: cloudflare
etag: W/"5fb16663-4cc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe15709aa8e2be9-FRA
expires: Sun, 22 Nov 2020 17:35:08 GMT

GET
H2 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 34ms
20ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 323316
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
cf-bgj: imgq:100,h2pri
content-length: 1886
cf-request-id: 06e0b4ba5f00002be94e27d000000001
last-modified: Mon, 18 Jun 2018 21:28:42 GMT
server: cloudflare
etag: "5b28240a-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c022be9-FRA
expires: Sat, 04 Dec 2021 03:40:28 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/OMSDhEhKOHE/ 19 KB
20 KB 33ms
17ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/OMSDhEhKOHE/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a75ee5535dd79135795d336091e946e331253ab73c9fbd085f390d11824cc5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19879
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:34:04 GMT

GET
H2 200 monkey-man-with-handcuffs_1368-11770.jpg
beforeitsnews.com/contributor/upload/106013/images/ 31 KB
32 KB 101ms
87ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/monkey-man-with-handcuffs_1368-11770.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de58861ada2eb07be95cb56797e1ca3054455c8b3b6bd710ae26c54814180f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 8679
cf-polished: origSize=34578, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 32154
cf-request-id: 06e0b4ba6000002be987871000000001
last-modified: Mon, 07 Dec 2020 19:01:39 GMT
server: cloudflare
etag: "5fce7c13-8712"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c062be9-FRA
expires: Tue, 07 Dec 2021 19:04:25 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/cOUesGIlnnQ/ 30 KB
30 KB 22ms
7ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/cOUesGIlnnQ/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8263dbe19b471f03feb7daf4b79657bab505b1f25fc6d78cd86d5aad4999ad6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:27:38 GMT
x-content-type-options: nosniff
server: sffe
age: 86
etag: "1607304856"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30671
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:32:38 GMT

GET
H2 200 b9kDWzBEANPY_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 40 KB
40 KB 426ms
149ms Image
image/jpeg 89.187.188.228
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/b9kDWzBEANPY_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.188.228 , Czech Republic, ASN60068 (CDN77, GB),

Reverse DNS

unn-89-187-188-228.cdn77.com

Software

BunnyCDN-CZ1-562 /

Resource Hash

469760e06380a0be9778f84e4c8e70f93856d71c43a4033cc4c45421ce0dd2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
cdn-edgestorageid: 562
age: 0
cdn-cachedat: 2020-12-07 00:25:25
cdn-pullzone: 89010
content-length: 40987
x-amz-request-id: tx000000000000013d4437c-005fcd6865-413ea97-nyc3a
last-modified: Sun, 06 Dec 2020 23:14:41 GMT
server: BunnyCDN-CZ1-562
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: b5e687e5f1bb7eb5aa31fb8c1b36bbdd
accept-ranges: bytes
cdn-requestcountrycode: NL

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/MEDEPnp-lIw/ 11 KB
11 KB 28ms
13ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/MEDEPnp-lIw/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65e3a9489eabe6de3256469cd23bf257108df15ae28af14c8dd1c994e6716f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:27:55 GMT
x-content-type-options: nosniff
server: sffe
age: 69
etag: "1607313476"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10817
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:32:55 GMT

GET
H2 200 c5aa02d8-1854-491c-8a39-f4ea652f3dd9-Trump_Lafayette_Square.jpg
www.gannett-cdn.com/presto/2020/09/10/USAT/ 37 KB
38 KB 163ms
50ms Image
image/webp 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2020/09/10/USAT/c5aa02d8-1854-491c-8a39-f4ea652f3dd9-Trump_Lafayette_Square.jpg?width=660&height=440&fit=crop&format=pjpg&auto=webp
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 58bc9f645c3d4dafc17d2d224e8909f124bab8d45d5f2cac340985c5fe5995f2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 427886
x-guploader-uploadid: ABg5-UwZn_brywshFVllvzRneAudPVIvJa6Yu8y1JGCuZpiAHwf2DkYc6h7Lcs1BOdRyDiwxNG1mnXkO3MR6G8cwXMk
x-cache: HIT, HIT
fastly-io-info: ifsz=1029644 idim=1382x921 ifmt=jpeg ofsz=38042 odim=660x440 ofmt=webp
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 38042
x-served-by: cache-bwi5124-BWI, cache-hhn4031-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.234_19-b59ea3f2308d57ce4287361c192023f6
server: UploadServer
x-timer: S1607376544.486834,VS0,VE1
etag: "+UQj1+rStrT8ofXFT5tr0RLMhxVDgbjRLBfUoLMCMcA"
vary: Accept
x-goog-hash: crc32c=uAFRRg==, md5=0y3eJyOtt+bmI4zMBgg7Mg==
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 02 Dec 2020 22:37:39 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 1

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/hZYX8Mp-dws/ 38 KB
38 KB 29ms
14ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/hZYX8Mp-dws/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5589ca1c5c603efd892f6295a0f2f8343b6230f07bc8800c5777ba263a89f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:27:38 GMT
x-content-type-options: nosniff
server: sffe
age: 86
etag: "1607284112"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38877
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:32:38 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/pN53NVT2mzM/ 15 KB
15 KB 26ms
11ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/pN53NVT2mzM/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48e998cac3d6c5f9758210557ed919f8970ff5137c0f57552d995789021f39a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:27:38 GMT
x-content-type-options: nosniff
server: sffe
age: 86
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:32:38 GMT

GET
H2 200 A_JailCell.jpg
beforeitsnews.com/contributor/upload/428376/images/ 59 KB
59 KB 67ms
53ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/428376/images/A_JailCell.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1022019395c8ba5831ef367bec12d9c0c837362a95b32cab0e2db67dc3c9a5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 490269
cf-polished: origSize=64137, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 60571
cf-request-id: 06e0b4ba6100002be93d3f2000000001
last-modified: Wed, 02 Dec 2020 05:16:43 GMT
server: cloudflare
etag: "5fc7233b-fa89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c0c2be9-FRA
expires: Thu, 02 Dec 2021 05:17:55 GMT

GET
H2 200 GettyImages-1212368278_1920x1080.jpg
hub.umd.edu/sites/default/files/2020-03/image/ 252 KB
252 KB 580ms
403ms Image
image/jpeg 143.204.55.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hub.umd.edu/sites/default/files/2020-03/image/GettyImages-1212368278_1920x1080.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.55.6 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-55-6.osl50.r.cloudfront.net

Software

Apache/2.4.6 (Red Hat Enterprise Linux) /

Resource Hash

5d976cb0aee5149bdc5a7d0456be278a1449ed15f419470af3f87f745b2b996e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 26 Mar 2020 20:24:35 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux)
x-amz-cf-pop: OSL50-C1
etag: "3eed7-5a1c7c5f44488"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 257751
x-amz-cf-id: 8c46YNGq9Mb3MNIOB0NGFegA74Du_iN1DUjF7URpVnBnKoCcTrnW2w==
expires: Mon, 21 Dec 2020 21:29:04 GMT

GET
H2 200 unnamed%20(2)(3).jpg
beforeitsnews.com/contributor/upload/106013/images/ 46 KB
46 KB 47ms
33ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/unnamed%20(2)(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

096d1b86ee573ec926853ddd24e0a7a68f500a274ed19ca196b85dd12ef6c53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18904
cf-polished: origSize=49863, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 47203
cf-request-id: 06e0b4ba6100002be90a998000000001
last-modified: Mon, 07 Dec 2020 16:10:19 GMT
server: cloudflare
etag: "5fce53eb-c2c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c0e2be9-FRA
expires: Tue, 07 Dec 2021 16:14:00 GMT

GET
H2 200 communism2.png
www.mackinac.org/media/images/2018/sizes/1600x840/ 339 KB
340 KB 480ms
155ms Image
image/png 146.20.201.92
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mackinac.org/media/images/2018/sizes/1600x840/communism2.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.20.201.92 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 491b6ac6ccb8f823d6a040f925cc11f2353bf2cad6f0e361b7f6bbc0c9d793ce

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
last-modified: Thu, 10 Jan 2019 16:19:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7c0b3500a9d41:0"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 347290

GET
H2 200 Dr-Steve-Pieczenik.jpg
beforeitsnews.com/contributor/upload/662794/images/ 23 KB
23 KB 49ms
36ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/662794/images/Dr-Steve-Pieczenik.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e4889710c23da4845566b6bcf7e01709c95b8a6db7cc3a268803c906370ae48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2369
cf-polished: origSize=24425, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 23152
cf-request-id: 06e0b4ba6100002be9853ba000000001
last-modified: Mon, 07 Dec 2020 20:48:19 GMT
server: cloudflare
etag: "5fce9513-5f69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c112be9-FRA
expires: Tue, 07 Dec 2021 20:49:35 GMT

GET
H/1.1 200
OK pasted_image_0.png
www.rumormillnews.com/pix/ 699 KB
699 KB 272ms
230ms Image
image/png 45.79.195.246
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rumormillnews.com/pix/pasted_image_0.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Server: 45.79.195.246 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: rumormillnews.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: fb3510b827835b851396cd05695713efff68826162ca27a73298fb29ee46a1f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 21:29:04 GMT
Last-Modified: Sat, 05 Dec 2020 08:37:38 GMT
Server: Apache/2.4.10 (Debian)
ETag: "aeabb-5b5b381650e3e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 715451

GET
H2 200 download(10).jpg
beforeitsnews.com/contributor/upload/106013/images/ 97 KB
97 KB 42ms
29ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/download(10).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74dc1ce69ebdb1f0d1bd7b497a99310356873e99f87bb4a98db1db55a6a61e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18904
cf-polished: origSize=106860, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 99056
cf-request-id: 06e0b4ba6100002be94caf1000000001
last-modified: Mon, 07 Dec 2020 15:59:01 GMT
server: cloudflare
etag: "5fce5145-1a16c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c122be9-FRA
expires: Tue, 07 Dec 2021 16:14:00 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/bRMn_sGt9hk/ 39 KB
39 KB 40ms
26ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/bRMn_sGt9hk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9235af5c4e1d0192a2edb6d4b435cf36707a30bb82dacfb2a66765b22c1781fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:27:38 GMT
x-content-type-options: nosniff
server: sffe
age: 86
etag: "1607230125"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40147
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:32:38 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/h8g43ij9Z30/ 6 KB
7 KB 48ms
34ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/h8g43ij9Z30/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1423ae3999df23d3cc81aa3d4d20395d967d98d16b2271d871d5cd2f64c9f4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1607236816"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6632
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:34:04 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/M34-gcn8-ns/ 23 KB
24 KB 35ms
21ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/M34-gcn8-ns/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

655fdf32eb82abb2fcc311dd4ee6e946ff1882cfd3c1eb153aa4ab4e88926fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:27:38 GMT
x-content-type-options: nosniff
server: sffe
age: 86
etag: "1607193008"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24002
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:32:38 GMT

GET
H2 200 screen-shot-2020-12-07-at-6.20.21-am.png
justusaknight.files.wordpress.com/2020/12/ 797 KB
798 KB 160ms
61ms Image
image/png 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://justusaknight.files.wordpress.com/2020/12/screen-shot-2020-12-07-at-6.20.21-am.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

38bca17115bb377291b72eb72753639aa1d1a128c0863830ba9e743ae9942738

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 23 np
date: Mon, 07 Dec 2020 21:29:04 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 07 Dec 2020 13:24:39 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://justusaknight.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 815924
expires: Wed, 13 Jan 2021 19:42:37 GMT

GET
H2 200 external-content_duckduckgo-2%20(4).jpg
beforeitsnews.com/contributor/upload/724569/images/ 15 KB
16 KB 82ms
70ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/external-content_duckduckgo-2%20(4).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b1698c096260e4b442f1b8429b221cc45f7ec96d1ed34aebf931dcaa0189cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2482389
cf-polished: origSize=19749, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 15733
cf-request-id: 06e0b4ba6200002be93486d000000001
last-modified: Wed, 22 Jul 2020 19:12:26 GMT
server: cloudflare
etag: "5f188f9a-4d25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c152be9-FRA
expires: Tue, 09 Nov 2021 03:55:55 GMT

GET
H2 200 The_Pentagon_US_Department_of_Defense_building.jpg
www.naturalnews.com/wp-content/uploads/sites/91/2020/12/ 964 KB
965 KB 56ms
29ms Image
image/jpeg 2606:4700::6810:8646
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalnews.com/wp-content/uploads/sites/91/2020/12/The_Pentagon_US_Department_of_Defense_building.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8646 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f99f4e32624c915bc7fa18dc454de580b2035f9c9ebcd6ea3a1c9dddecaca5e8

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
cf-cache-status: HIT
age: 32
x-powered-by: ASP.NET
last-modified: Fri, 04 Dec 2020 21:51:41 GMT
content-length: 986991
cf-request-id: 06e0b4ba8900001f192a861000000001
cf-bgj: h2pri
server: cloudflare
etag: "fdf4a4a687cad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5fe1570a7e761f19-FRA
expires: Mon, 07 Dec 2020 21:30:04 GMT

GET
H/1.1

200
OK

donald-trump-wins-692x360.jpg
www.kcnonline.com/wp/wp-content/uploads/2016/11/
Redirect Chain

http://www.kcnonline.com/wp/wp-content/uploads/2016/11/donald-trump-wins-692x360.jpg
https://www.kcnonline.com/wp/wp-content/uploads/2016/11/donald-trump-wins-692x360.jpg

45 KB
46 KB

569ms
190ms

Image
image/jpeg

192.232.253.205
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kcnonline.com/wp/wp-content/uploads/2016/11/donald-trump-wins-692x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

192.232.253.205 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-232-253-205.unifiedlayer.com

Software

Apache /

Resource Hash

212fdc71c195e49189685ca3fa070d8d07586dcbbf088e70bac489bd61437a14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-Security-Policy: upgrade-insecure-requests
Last-Modified: Wed, 09 Nov 2016 15:15:59 GMT
Server: Apache
Date: Mon, 07 Dec 2020 21:29:05 GMT
X-Endurance-Cache-Level: 2
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 46568
Expires: Tue, 08 Dec 2020 21:29:05 GMT

Redirect headers

Date: Mon, 07 Dec 2020 21:29:04 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.kcnonline.com/wp/wp-content/uploads/2016/11/donald-trump-wins-692x360.jpg
Cache-Control: max-age=300
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 293
Expires: Mon, 07 Dec 2020 21:34:04 GMT

GET
H/1.1 200
OK china-1-300x200.jpg
tapnewswire.com/wp-content/uploads/2020/12/ 18 KB
19 KB 389ms
184ms Image
image/jpeg 2401:c900:1101:143:9::e
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tapnewswire.com/wp-content/uploads/2020/12/china-1-300x200.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Server: 2401:c900:1101:143:9::e , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx /
Resource Hash: d797dd8d3d72684bb938c26a1d3892b4f09f2e604c3f3a34db9e791c8bb43b04

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 21:29:04 GMT
Last-Modified: Mon, 07 Dec 2020 09:22:52 GMT
Server: nginx
ETag: "5fcdf46c-493c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18748

GET
H2 200 Chromosome%208.jpg
beforeitsnews.com/contributor/upload/724569/images/ 40 KB
40 KB 64ms
52ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Chromosome%208.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f09084c3892e42c412c8e98dbf390cb02d544d293744e8698940439031598255

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2821236
cf-polished: origSize=47957, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 40710
cf-request-id: 06e0b4ba6200002be967302000000001
last-modified: Mon, 24 Aug 2020 09:47:13 GMT
server: cloudflare
etag: "5f438ca1-bb55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c172be9-FRA
expires: Fri, 05 Nov 2021 05:48:28 GMT

GET
H2 200 A_DNA2.jpg
beforeitsnews.com/contributor/upload/428376/images/ 37 KB
37 KB 38ms
27ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/428376/images/A_DNA2.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6480a6c748486ede027085a871d2f2962474e6d1232a4599faec693bfb4cd232

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261073
cf-polished: origSize=40237, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 37824
cf-request-id: 06e0b4ba6500002be986a33000000001
last-modified: Sat, 26 Sep 2020 01:28:11 GMT
server: cloudflare
etag: "5f6e992b-9d2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c182be9-FRA
expires: Sat, 04 Dec 2021 20:57:51 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/KmoZ5HoWMQ0/ 97 KB
97 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/KmoZ5HoWMQ0/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c926e155ad63f5cee160716261893bff8839e7610f2dd2e609fa61d76c427d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:59:05 GMT
x-content-type-options: nosniff
server: sffe
age: 1799
etag: "1606821188"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99062
x-xss-protection: 0
expires: Mon, 07 Dec 2020 22:59:05 GMT

GET
H2 200 OIP_UhMNvu0_UDpDqrW-txTcAAHaB-.jpg
beforeitsnews.com/contributor/upload/724569/images/ 8 KB
8 KB 39ms
28ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/OIP_UhMNvu0_UDpDqrW-txTcAAHaB-.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e74e59de4b2f53f817fac05e07904a52765cfd6b75775594a620110bc14fd19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 161369
cf-polished: origSize=11762, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 8004
cf-request-id: 06e0b4ba6500002be94627e000000001
last-modified: Sun, 06 Dec 2020 00:16:32 GMT
server: cloudflare
etag: "5fcc22e0-2df2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c232be9-FRA
expires: Mon, 06 Dec 2021 00:39:35 GMT

GET
H2 200 loading.gif
beforeitsnews.com/img/v3/ 14 KB
14 KB 63ms
52ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 331126
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
cf-bgj: imgq:100,h2pri
content-length: 14030
cf-request-id: 06e0b4ba6500002be91cba0000000001
last-modified: Wed, 13 Jun 2018 18:37:21 GMT
server: cloudflare
etag: "5b216461-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c242be9-FRA
expires: Sat, 04 Dec 2021 01:30:18 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/Qc_KXB7QtuA/ 30 KB
30 KB 27ms
23ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Qc_KXB7QtuA/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74ca8a659f59f936869eae58d11b6355e2273618e5e171f281d727f92f9b12d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:27:38 GMT
x-content-type-options: nosniff
server: sffe
age: 86
etag: "1607340376"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30851
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:32:38 GMT

GET
H2 200 Virus7(1).jpg
beforeitsnews.com/contributor/upload/428376/images/ 71 KB
71 KB 63ms
52ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/428376/images/Virus7(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e0a7352d463b8c9c1de13220cf23b612c82733c3d975a068ce8707f62f0625

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 150101
cf-polished: origSize=77238, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 72408
cf-request-id: 06e0b4ba6600002be96431c000000001
last-modified: Tue, 10 Mar 2020 06:43:07 GMT
server: cloudflare
etag: "5e6736fb-12db6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c252be9-FRA
expires: Mon, 06 Dec 2021 03:47:23 GMT

GET
H3-Q050 200 maxresdefault.jpg
i.ytimg.com/vi/wLGq6Q_oFQ4/ 84 KB
84 KB 35ms
20ms Image
image/jpeg 2a00:1450:4001:81b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wLGq6Q_oFQ4/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84f56d0012a257578576ebecc8d42f71f271f242d64db9afd7b18748781757b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:11 GMT
x-content-type-options: nosniff
server: sffe
age: 1373
etag: "1539074769"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85639
x-xss-protection: 0
expires: Mon, 07 Dec 2020 23:06:11 GMT

GET
H2 200 Screen-Shot-2020-12-07-at-10.27.28-AM.png
lisahaven.news/wp-content/uploads/2020/12/ 801 KB
803 KB 57ms
24ms Image
image/png 2606:4700:3034::681f:5aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lisahaven.news/wp-content/uploads/2020/12/Screen-Shot-2020-12-07-at-10.27.28-AM.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3034::681f:5aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46e2426950a346eef506810b92a3ecef65578d5f5225e862af6cb442ad66cb3

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6429
content-length: 820484
cf-request-id: 06e0b4baa5000005f5ac814000000001
last-modified: Mon, 07 Dec 2020 17:36:16 GMT
server: cloudflare
etag: "c8504-5b5e3435f98bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fmz6dpYvM%2BVnNEZdCRZRIw7VUBSK0oob6eTzdsrrEgWlFwPOPFwde2YrTWIJNFYZ1OdPpJ%2BsR0EBJg8H13nShdTSNkfhXEOsXLpfkrp1Xg06dhUikysz8K4FEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5fe1570aa9d805f5-FRA

GET
H3-Q050 200 maxresdefault.jpg
i.ytimg.com/vi/bWzIimTw_wQ/ 75 KB
75 KB 23ms
16ms Image
image/jpeg 2a00:1450:4001:81b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/bWzIimTw_wQ/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2b31a2db0bb6f2be828351d336aac64c0355083ed21b7ae3ca7b5f73985e8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:14:54 GMT
x-content-type-options: nosniff
server: sffe
age: 850
etag: "1554910290"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76708
x-xss-protection: 0
expires: Mon, 07 Dec 2020 23:14:54 GMT

GET
H2 200 hqdefault%20(2)(4).jpg
beforeitsnews.com/contributor/upload/106013/images/ 16 KB
17 KB 69ms
59ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/hqdefault%20(2)(4).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8fe04aeb976e2cd7d6e42a593115ac34b8bcbbc0b46bb8f6e1398f836eb7502

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 14612
cf-polished: origSize=17428, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 16766
cf-request-id: 06e0b4ba6600002be95b860000000001
last-modified: Mon, 07 Dec 2020 17:24:08 GMT
server: cloudflare
etag: "5fce6538-4414"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c262be9-FRA
expires: Tue, 07 Dec 2021 17:25:32 GMT

GET
H2 200 navyseals_1200x800.jpg
beforeitsnews.com/contributor/upload/106013/images/ 66 KB
66 KB 44ms
34ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/navyseals_1200x800.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4c8e3280f3313515d1730ab74a3e0401aeebf7ea43d195aef1105a848949c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 194801
cf-polished: origSize=71105, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 67374
cf-request-id: 06e0b4ba6600002be93abe4000000001
last-modified: Sat, 05 Dec 2020 15:20:11 GMT
server: cloudflare
etag: "5fcba52b-115c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c282be9-FRA
expires: Sun, 05 Dec 2021 15:22:23 GMT

GET
H2 200 EavoYDNIhiqX_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 61 KB
61 KB 407ms
233ms Image
image/jpeg 89.187.188.228
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/EavoYDNIhiqX_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.188.228 , Czech Republic, ASN60068 (CDN77, GB),

Reverse DNS

unn-89-187-188-228.cdn77.com

Software

BunnyCDN-CZ1-562 /

Resource Hash

3708fe096b7ce52840860be4aad06b783d0fb5acb7f4ea6193d489f20dbb4faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
cdn-edgestorageid: 562
age: 0
cdn-cachedat: 2020-12-05 05:00:34
cdn-pullzone: 89010
content-length: 62486
x-amz-request-id: tx00000000000001272133d-005fcb05e1-413ea97-nyc3a
last-modified: Sat, 05 Dec 2020 03:51:52 GMT
server: BunnyCDN-CZ1-562
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 649566917635f90d631531427786dbcf
accept-ranges: bytes
cdn-requestcountrycode: NL

GET
H2 200 A_COVID2.jpg
beforeitsnews.com/contributor/upload/428376/images/ 24 KB
24 KB 63ms
54ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/428376/images/A_COVID2.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5f77b7d5711d6232b501de3a3320dd6bd6fe56d2f1f29e47205cabde34a28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 324721
cf-polished: origFmt=jpeg, origSize=30849
content-disposition: inline; filename="A_COVID2.webp"
cf-bgj: imgq:100,h2pri
content-length: 24158
cf-request-id: 06e0b4ba6600002be92a294000000001
last-modified: Tue, 01 Dec 2020 17:54:17 GMT
server: cloudflare
etag: "5fc68349-7881"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c2a2be9-FRA
expires: Sat, 04 Dec 2021 03:17:03 GMT

GET
H2 200 960x0.jpg
specials-images.forbesimg.com/imageserve/5fca751dcadf17a8c6e55342/ 76 KB
76 KB 163ms
42ms Image
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://specials-images.forbesimg.com/imageserve/5fca751dcadf17a8c6e55342/960x0.jpg?fit=scale

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

92164654a622861423152edced13a313916d283b51b6202d98d6876011d3e074

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
via: 1.1 varnish, 1.1 varnish
server: istio-envoy
age: 272656
strict-transport-security: max-age=900
x-cache: HIT, HIT
content-type: image/png
expires: Sun, 03 Jan 2021 18:06:25 GMT
cache-control: public, max-age=2592000
x-envoy-upstream-service-time: 389
x-cache-hits: 2, 1
accept-ranges: bytes
x-timer: S1607376545.590298,VS0,VE1
content-length: 77637
x-served-by: cache-dca17748-DCA, cache-fra19131-FRA

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/zXLgW_zywps/ 23 KB
23 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/zXLgW_zywps/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

787af9181d9d63fcd0bdac687262b12aa5844b194daceabd7ca1295efcd4cd0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:27:38 GMT
x-content-type-options: nosniff
server: sffe
age: 86
etag: "1607360480"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23657
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:32:38 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/doT-w_g2Yvg/ 33 KB
33 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/doT-w_g2Yvg/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afced6b05900eb2374424c93601ecfb08dac8f43a15c3bde20cf40bf013bf4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1607126341"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33613
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:34:04 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/I31dsJflJ2A/ 21 KB
21 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/I31dsJflJ2A/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3eccd5db0acacdb05957eb4bf8bd9ea8ec9a7fb8b8534678303c79825430537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1607123280"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21857
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:34:04 GMT

GET
H2 200 screen-shot-2020-12-06-at-11.58.00-am.png
justusaknight.files.wordpress.com/2020/12/ 361 KB
361 KB 138ms
138ms Image
image/png 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://justusaknight.files.wordpress.com/2020/12/screen-shot-2020-12-06-at-11.58.00-am.png?w=1024

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8ceae33eb2d3af55d1541ba59d9150dd15a61b1a02a1bdeec8cd578743f362ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 23 np
date: Mon, 07 Dec 2020 21:29:04 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Sun, 06 Dec 2020 18:58:10 GMT
server: nginx
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://justusaknight.wordpress.com
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 369576
access-control-allow-credentials: true
expires: Fri, 01 Jan 2021 17:08:26 GMT

GET
H2 200 Scream.jpg
beforeitsnews.com/contributor/upload/724569/images/ 30 KB
30 KB 42ms
34ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Scream.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b033f3be60006619caf7f5854f709f68d150262a14f869e06733fa4613629d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 251807
cf-polished: origSize=34791, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 30214
cf-request-id: 06e0b4ba6700002be9610da000000001
last-modified: Fri, 04 Dec 2020 23:14:37 GMT
server: cloudflare
etag: "5fcac2dd-87e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c2b2be9-FRA
expires: Sat, 04 Dec 2021 23:32:17 GMT

GET
H2 200 OIP%20(3)(5).jpg
beforeitsnews.com/contributor/upload/106013/images/ 16 KB
17 KB 41ms
33ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(5).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

335239228494644fe91797bc46dff9d011e01ee520178a012170249df72e5205

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 15322
cf-polished: origSize=17957, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 16649
cf-request-id: 06e0b4ba6700002be98cb7d000000001
last-modified: Mon, 07 Dec 2020 17:11:55 GMT
server: cloudflare
etag: "5fce625b-4625"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c2d2be9-FRA
expires: Tue, 07 Dec 2021 17:13:42 GMT

GET
H2 200 MOSHED-2020-12-6-22-3-16-300x300.gif
www.ournewearthnews.com/wp-content/uploads/2020/12/ 44 KB
45 KB 787ms
449ms Image
image/gif 162.241.30.109
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ournewearthnews.com/wp-content/uploads/2020/12/MOSHED-2020-12-6-22-3-16-300x300.gif
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.30.109 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5924.bluehost.com
Software: nginx/1.19.0 /
Resource Hash: e1d90a442eab4724bb5cbb1b17d9bbad896d1b1a54c5b9005eef56be71ed0845

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
last-modified: Mon, 07 Dec 2020 17:57:27 GMT
server: nginx/1.19.0
accept-ranges: bytes
x-server-cache: false
content-type: image/gif
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 45179

GET
H2 200 hqdefault_live(2).jpg
beforeitsnews.com/contributor/upload/106013/images/ 25 KB
25 KB 61ms
53ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/hqdefault_live(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad402a0740472d677fd4543113c841486202303a0dfa8c96e8a62d7a1221c805

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 266201
cf-polished: origSize=26612, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 25196
cf-request-id: 06e0b4ba6c00002be925041000000001
last-modified: Fri, 04 Dec 2020 19:22:07 GMT
server: cloudflare
etag: "5fca8c5f-67f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c2f2be9-FRA
expires: Sat, 04 Dec 2021 19:32:23 GMT

GET
H2 200 07Barr-06-mobileMasterAt3x.jpg
static01.nyt.com/images/2020/06/07/magazine/07Barr-06/ 281 KB
281 KB 136ms
44ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/06/07/magazine/07Barr-06/07Barr-06-mobileMasterAt3x.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b5a14898539e36b752fd2c7df1259a868b5e81028cee2d23b184424b4af20a8e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 378672
x-guploader-uploadid: ABg5-UxqBsBawPmrpTK_1r1xk_R-HUnQdyO-NutptYDf8BlDhUGmZg8_dOxaYueqtwMidKATYC2bx-zRacLqc03pmUEuzPiTsQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 287301
x-served-by: cache-bwi5123-BWI, cache-hhn4083-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Mon, 01 Jun 2020 21:26:11 GMT
server: UploadServer
x-timer: S1607376545.807211,VS0,VE1
etag: "25b1b14abeb80fd6c963bb5a5f3c1625"
vary: Origin
x-goog-hash: crc32c=UAS3/A==, md5=JbGxSr64D9bJY7taXzwWJQ==
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 26 Nov 2020 23:41:20 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Screen%20Shot%202020-12-07%20at%2010_08_30%20PM.jpg
beforeitsnews.com/contributor/upload/724569/images/ 66 KB
66 KB 43ms
36ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-12-07%20at%2010_08_30%20PM.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df622b26e7c42e5404cfeb23c4563181e299d7c7322d98e3b9a32b4deab156d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4520
cf-polished: origSize=75798, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 67129
cf-request-id: 06e0b4ba6700002be95e25d000000001
last-modified: Mon, 07 Dec 2020 20:10:22 GMT
server: cloudflare
etag: "5fce8c2e-12816"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c312be9-FRA
expires: Tue, 07 Dec 2021 20:13:44 GMT

GET
H2 200 Trump-Election-Victory-America-Fireworks.jpg
www.naturalnews.com/wp-content/uploads/sites/91/2020/11/ 357 KB
357 KB 259ms
259ms Image
image/jpeg 2606:4700::6810:8646
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalnews.com/wp-content/uploads/sites/91/2020/11/Trump-Election-Victory-America-Fireworks.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8646 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ec9a1a01e80f3ba551290926ba2e221cdb730d445c9d4b25bc91a6df7f4482d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
last-modified: Tue, 01 Dec 2020 08:18:21 GMT
content-length: 365269
cf-request-id: 06e0b4bbb100001f19e7209000000001
cf-bgj: h2pri
server: cloudflare
etag: "245ad887bac7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5fe1570c4a741f19-FRA
expires: Mon, 07 Dec 2020 21:30:04 GMT

GET
H/1.1 200
OK 051720_VirusMyths.jpg
www.milwaukeeindependent.com/wp-content/uploads/2020/05/ 81 KB
81 KB 404ms
126ms Image
image/jpeg 64.202.184.137
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.milwaukeeindependent.com/wp-content/uploads/2020/05/051720_VirusMyths.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.202.184.137 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-64-202-184-137.secureserver.net
Software: Apache /
Resource Hash: 7267f423d41d0afb9b46cf0586dda937fd7610a1f569377abaee417fefd60858

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 21:29:04 GMT
Last-Modified: Sun, 17 May 2020 19:55:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 83045

GET
H2 200 download%20-%202020-11-27T094723_908.jpeg
beforeitsnews.com/contributor/upload/30080/images/ 9 KB
9 KB 67ms
60ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/30080/images/download%20-%202020-11-27T094723_908.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd01a48a1ca01f9145e5604786844c2588d2b682b788c7a80f69d44f4a05d5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 883993
cf-polished: origSize=9617, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 9449
cf-request-id: 06e0b4ba6800002be9041d9000000001
last-modified: Fri, 27 Nov 2020 15:48:02 GMT
server: cloudflare
etag: "5fc11fb2-2591"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c332be9-FRA
expires: Sat, 27 Nov 2021 15:55:51 GMT

GET
H2 200 America-the-Beautiful.jpg
cdn.shopify.com/s/files/1/0436/4061/products/ 313 KB
314 KB 21ms
7ms Image
image/webp 2a02:26f0:6c00:2a3::2e0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0436/4061/products/America-the-Beautiful.jpg?v=1397609623

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

138bad2908491d2d35ba09271ce1b07c30b17fe8f8a9a35370a671643867186f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-dc: gcp-us-east1
content-length: 320570
x-xss-protection: 1; mode=block
x-request-id: 127046b
surrogate-key: mime-image/webp source-ShopAssetsBackend segment2-64 segment4-16421 revision-5459dabef1063e68ce75ee875307950d68c97d5b cdn-shopify-com-s-files-1-0436-4061-products-America-the-Beautiful-jpg shop-4364061
last-modified: Mon, 07 Dec 2020 01:12:49 GMT
date: Mon, 07 Dec 2020 21:29:04 GMT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0436/4061/products/America-the-Beautiful.jpg>; rel="canonical"
expires: Tue, 07 Dec 2021 01:12:48 GMT

GET
H2 200 ads.png
beforeitsnews.com/img/v3/ 34 B
231 B 64ms
58ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 329336
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
cf-bgj: imgq:100,h2pri
content-length: 34
cf-request-id: 06e0b4ba6800002be97bb33000000001
last-modified: Thu, 30 May 2019 00:55:31 GMT
server: cloudflare
etag: "5cef2a03-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c342be9-FRA
expires: Sat, 04 Dec 2021 02:00:08 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/eX9Hs1b0VIQ/ 10 KB
10 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:81b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/eX9Hs1b0VIQ/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a94790e5289bf41673d08612a2af78a991ad150fe585b5c0e13c693c5b2adbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1598761412"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10445
x-xss-protection: 0
expires: Mon, 07 Dec 2020 23:29:04 GMT

GET
H2 200 scientist_reveals_real.jpg
beforeitsnews.com/img/banner2020/ 45 KB
45 KB 71ms
65ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 331026
cf-polished: origFmt=jpeg, origSize=55516
content-disposition: inline; filename="scientist_reveals_real.webp"
cf-bgj: imgq:100,h2pri
content-length: 46020
cf-request-id: 06e0b4ba6800002be90e105000000001
last-modified: Sat, 24 Oct 2020 03:28:46 GMT
server: cloudflare
etag: "5f939f6e-d8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c362be9-FRA
expires: Sat, 04 Dec 2021 01:31:58 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/RFzTuaVS8Kk/ 11 KB
12 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/RFzTuaVS8Kk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83980d2c6be63121ae377e3315c6bdc744309de315d43983dbadf8bd611b4a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:06:18 GMT
x-content-type-options: nosniff
server: sffe
age: 4966
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11732
x-xss-protection: 0
expires: Mon, 07 Dec 2020 22:06:18 GMT

GET
H2 200 emigrate2.jpeg
beforeitsnews.com/img/banner2020/ 55 KB
55 KB 36ms
30ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner2020/emigrate2.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 215489
cf-polished: origSize=56198, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 55905
cf-request-id: 06e0b4ba6800002be9719ba000000001
last-modified: Tue, 18 Aug 2020 10:27:58 GMT
server: cloudflare
etag: "5f3bad2e-db86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c382be9-FRA
expires: Sun, 05 Dec 2021 09:37:34 GMT

GET
H2 200 polaraidhealth.jpeg
beforeitsnews.com/img/banner2020/ 45 KB
46 KB 40ms
34ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner2020/polaraidhealth.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56370
cf-polished: origSize=46655, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 46365
cf-request-id: 06e0b4ba6800002be9853bb000000001
last-modified: Sat, 22 Aug 2020 10:50:47 GMT
server: cloudflare
etag: "5f40f887-b63f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c3a2be9-FRA
expires: Tue, 07 Dec 2021 05:49:34 GMT

GET
H2 200 BCX_Rife350x290.jpg
beforeitsnews.com/img/banner2020/ 36 KB
36 KB 42ms
36ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner2020/BCX_Rife350x290.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1675706
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
content-length: 36512
cf-request-id: 06e0b4ba6800002be967303000000001
last-modified: Wed, 18 Nov 2020 11:58:34 GMT
server: cloudflare
etag: "5fb50c6a-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c3c2be9-FRA
expires: Thu, 18 Nov 2021 12:00:38 GMT

GET
H2 200 tabs-bin-rev-20201116.js Show response
beforeitsnews.com/static/js-v3/ 148 B
247 B 35ms
34ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20201116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1914836
cf-polished: origSize=189
cf-bgj: minify
cf-request-id: 06e0b4ba3f00002be92210b000000001
last-modified: Sun, 15 Nov 2020 17:33:27 GMT
server: cloudflare
etag: W/"5fb16667-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe15709fb832be9-FRA
expires: Sun, 22 Nov 2020 17:35:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e22bd92d2280ca7c46b51de3d792fe96d68688dfcde47a4b78b7712ef7010138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38720
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Dec 2020 21:29:04 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0f7ffb0394b87cc73b204d2f10221b50d35559604ba7257b5617cbdbdba92e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1881
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 100 KB
32 KB 53ms
16ms Script
text/javascript 2600:9000:2104:6800:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6800:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 47f5b2ba7dc4b1d498cf2f83bb1df236323a984a0d58e7a38e19951e39bd176f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:24:26 GMT
content-encoding: gzip
age: 278
etag: W/"191a1-f+Ej8FZ9fSI4UoZYvR0ukXG/9to"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: w3n3tRJl6tJTPlFzRpvn2LEByv2aEPEbao6xor9u99am4h8ZEwdPFw==

GET
H2 200 Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 38ms
33ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 2990429
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 7D318228C46EEFE0
x-amz-id-2: 4/NqYEtT+3aX8zPWmihR6JWXBSi9ALFW50lxCLXE8K3Lt5LCFmIow4hTfZJlo+ZnzUz61Z0RxuY=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"93a3e7d84b15a0c8a8a9e4e6c8779aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3R09nKFA1fkBWMCXCpPvkqre3wT0snqV
cf-request-id: 06e0b4ba6900002be90fbc1000000001
cf-ray: 5fe1570a3c3e2be9-FRA

GET
H2 200 /
www.bitchute.com/embed/xlmCvOqhPHdw/ Frame 4670 0
0 197ms
167ms Document
text/html 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/embed/xlmCvOqhPHdw/

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bitchute.com
:scheme: https
:path: /embed/xlmCvOqhPHdw/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5fab10eaf8e1e88f27ae0eb65bc07fde1607376544; expires=Wed, 06-Jan-21 21:29:04 GMT; path=/; domain=.bitchute.com; HttpOnly; SameSite=Lax; Secure
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 06e0b4ba770000980e4b206000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tjy4qZLOvHuXfmH2k8cYfbvS4khD42e7dx6D9glnWY2tl%2BprVdSS3pp7yEJb7ylkeZuz7%2BfKXB9ahQV0vw2Mj0lEn7aEx4P6JwFm5KtrPJYSxc6mZlQkisGJ0Mjm"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fe1570a5ad4980e-FRA
content-encoding: br

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
343 B 64ms
59ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1064130
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
cf-bgj: imgq:100,h2pri
content-length: 100
cf-request-id: 06e0b4ba6900002be909251000000001
last-modified: Mon, 18 Jun 2018 21:28:42 GMT
server: cloudflare
etag: "5b28240a-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a3c402be9-FRA
expires: Thu, 25 Nov 2021 13:53:34 GMT

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
888 B 117ms
113ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 319919
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
cf-bgj: imgq:100,h2pri
content-length: 686
cf-request-id: 06e0b4ba6900002be971221000000001
last-modified: Thu, 13 Apr 2017 09:52:51 GMT
server: cloudflare
etag: "58ef4a73-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570a4c422be9-FRA
expires: Sat, 04 Dec 2021 04:37:05 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v35/ 13 KB
13 KB 7ms
6ms Font
font/woff 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v35/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 08:38:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 19:17:42 GMT
server: sffe
age: 564633
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13064
x-xss-protection: 0
expires: Wed, 01 Dec 2021 08:38:31 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 11:35:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:15:51 GMT
server: sffe
age: 208393
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9028
x-xss-protection: 0
expires: Sun, 05 Dec 2021 11:35:51 GMT

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 28ms
28ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327377
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
content-length: 15334
cf-request-id: 06e0b4bafc00002be93eb6e000000001
last-modified: Sat, 09 Feb 2019 15:29:21 GMT
server: cloudflare
etag: "5c5ef1d1-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570b2eae2be9-FRA
expires: Sat, 04 Dec 2021 02:32:46 GMT

GET
H2 200 incr_views.php Show response
beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/ 6 B
172 B 510ms
510ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/incr_views.php?id=20&_=1607376544517

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bca5a1c00da3158573510cfc9aca7c951bf8ccef62e383ca6917a9f7853976c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 5fe1570b4ed72be9-FRA
content-length: 6
cf-request-id: 06e0b4bb0900002be97db49000000001

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame E6DD 207 KB
55 KB 143ms
58ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202011721
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911a95b5ebc85069d70b49165bbb081f87277d48f598648e9f3f57a576ce0d59

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 949
cf-polished: origSize=211914
last-modified: Mon, 23 Nov 2020 10:21:37 GMT
x-amz-request-id: 26A72D5D883119F0
x-amz-id-2: Ep+G87hE/Wfn6Y/LZS6YJ6MyA8Ly5TWcq5bqX9AdLUarxCQSzUbbaoyzYN4R1v2W5FdW7iMG/7Q=
cf-bgj: minify
server: cloudflare
etag: W/"2d31eaa26b18d508e3d54de779ffb8ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 06e0b4bcb500000bf9fdb11000000001
cf-ray: 5fe1570def0f0bf9-AMS
expires: Tue, 08 Dec 2020 00:29:04 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 37ms
37ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 65094
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
content-length: 43060
cf-request-id: 06e0b4bb1000002be93487a000000001
last-modified: Thu, 28 May 2020 11:32:46 GMT
server: cloudflare
etag: "5ecfa15e-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570b4ef82be9-FRA
expires: Tue, 07 Dec 2021 03:24:10 GMT

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame 39F2 208 KB
55 KB 173ms
127ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202011721
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed0549c6c4d11bd4fa70f8bfc652dda717a3c172d5feb72b25c96d1e350832e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 2225
cf-polished: origSize=213308
last-modified: Mon, 23 Nov 2020 10:26:46 GMT
x-amz-request-id: 98C45BCDFBFA7EB8
x-amz-id-2: HDa7kviJxmLtd/IFJ9Hk5km735D9Xuz5hnA9f5vR+W24wTNNFCxRGYjZJtXoeE+a1w4sFLgV29c=
cf-bgj: minify
server: cloudflare
etag: W/"2c3f279cf444a835c134f775f7695332"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 06e0b4bcb500000bf95e3f5000000001
cf-ray: 5fe1570def110bf9-AMS
expires: Tue, 08 Dec 2020 00:29:04 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 26ms
6ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 622
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 07 Dec 2020 22:18:42 GMT

GET
H3-Q050 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 07 Dec 2020 22:28:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
46 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4616a8d77d8f89cdb2121446cf3d3fbdd8e49778060c557412e9783b4ef2dd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46826
x-xss-protection: 0
server: cafe
etag: 941279725612123194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 21:29:04 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
630 B 43ms
19ms Script
application/javascript 2606:4700:3032::681b:80dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:80dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77631
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YqBFYvSQyybegTazTTT4UUehoWbtI3%2BfTJaaW5XWyvFE8HhmGty6Il5WsHCJrAw1qsaKWPM7AIEKZ5IL7nQWGJnq8NvlV7yzycWor0qCIKgcnPN2850s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 5fe1570e3c2bd6e5-FRA
content-length: 9
cf-request-id: 06e0b4bce50000d6e59b283000000001

GET
H2 200 adcode.png
rddywd.com/ 43 B
691 B 75ms
46ms Image
image/gif 2606:4700:3032::681b:80dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:80dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76202
content-length: 43
cf-request-id: 06e0b4bcea0000973cedb4a000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1dv9QTo%2FyYdfiICHa6gG3llxuwCzXWdyjjBsTeUWyykQJ0WSRNEVd41ycMTF%2B6puIxizxVUHg%2B%2Ff%2FxL1%2BkpaR%2FttbnD4tG7ROrnUYpYIEDxRXZx6e%2BX2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 5fe1570e4cbb973c-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
182 B 26ms
6ms Image
text/plain 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
2 KB 30ms
30ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 331025
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
cf-bgj: imgq:100,h2pri
content-length: 2250
cf-request-id: 06e0b4bb4c00002be94629b000000001
last-modified: Wed, 06 Jun 2018 18:26:21 GMT
server: cloudflare
etag: "5b18274d-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1570ba8162be9-FRA
expires: Sat, 04 Dec 2021 01:31:59 GMT

POST
H2 200 count.php Show response
beforeitsnews.com/core/ajax/counter/ 15 B
98 B 683ms
683ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d7fe51ada6912687d8a8a7d039a888a0a33d53a5ce9af48f80c2719a58edd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 5fe1570c295d2be9-FRA
content-length: 15
cf-request-id: 06e0b4bb9b00002be91e993000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5985
date: Mon, 07 Dec 2020 19:49:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 07 Dec 2020 21:49:20 GMT

GET
H2 200 5f2c559be7229f0012f31c92.js Show response
buttons-config.sharethis.com/js/ 1 KB
872 B 51ms
28ms Script
text/javascript 2600:9000:206f:8400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f2c559be7229f0012f31c92.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
content-encoding: gzip
etag: "321dc6041bb0ea183e662f402b588149"
last-modified: Thu, 06 Aug 2020 20:50:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-id: n0HWn5mf77tHLnfLoNRJu5nt420BF2LG79FOsVvLyaascwLCXFjQUA==

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame C25F 0
0 43ms
12ms Document
text/html 2600:9000:2104:ea00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ea00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
accept-ranges: bytes
last-modified: Thu, 19 Nov 2020 18:19:12 GMT
content-encoding: gzip
cache-control: max-age=3600, public
etag: W/"83a-175e1bb5500"
date: Mon, 07 Dec 2020 20:48:14 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 12Pz-0xXY8aeeD-zo8T2wbMTiLwq6fa0T-lR_02SYbE8aK8VNwjNDQ==
age: 2450

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20201130_00/e/js/element/ 243 KB
87 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7235
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88693
x-xss-protection: 0
last-modified: Mon, 30 Nov 2020 10:52:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 19:28:29 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 172ms
36ms XHR
text/plain 3.121.118.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=beforeitsnews.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fbeforeitsnews.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&cms=unknown&publisher=5f2c559be7229f0012f31c92&sop=true&bsamesite=true&consent_cookie_duration=66&consent_duration=66&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Before%20It%27s%20News%C2%AE%20is%20a%20community%20of%20individuals%20who%20report%20on%20what%27s%20going%20on%20around%20them%2C%20from%20all%20around%20the%20world.%20You%20can%20join%20to%20Contribute%20News%20and%20Comments.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.118.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-118-243.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 21:29:05 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:50:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2295
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Tue, 07 Dec 2021 20:50:50 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 2001 18 KB
4 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 622
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 07 Dec 2020 22:18:42 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
914 B 6ms
5ms Image
image/png 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 16:17:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 18685
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Tue, 07 Dec 2021 16:17:40 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
134 B 39ms
38ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame D4FB 3 KB
1 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8cXNswsHTYQyNTn5cpcBCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-8cXNswsHTYQyNTn5cpcBCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Mon, 07 Dec 2020 21:29:04 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 11:21:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 382051
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Fri, 03 Dec 2021 11:21:34 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 35ms
33ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 6339
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: Cnwert1GiENoysUfBDXPF2oxBVB7KvQCrQPePrf/gjyjLKV6G2s01OhrGpZe00vVtwDUBpnt1yc=
content-type: image/svg+xml
cf-ray: 5fe1570ec9990bf9-AMS
x-amz-request-id: DCB403D7254D6E85
cf-request-id: 06e0b4bd4000000bf90787e000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
389 B 47ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1965140153&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1336817064&gjid=675251749&cid=1285566252.1607376545&tid=UA-16055024-1&_gid=1687429249.1607376545&_r=1&gtm=2oub41&z=1731341437

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 02:44:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 585889
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Wed, 01 Dec 2021 02:44:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-16055024-1&cid=1285566252.1607376545&jid=1336817064&gjid=675251749&_gid=1687429249.1607376545&_u=IEBAAUAAAAAAAC~&z=1188276034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Dec 2020 21:29:05 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 90ms
89ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=0&h=-1&wrongImageSize=1&cols=4&pv=5&cbuster=1607376545191566517376&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=1763f1ba5a88975707d&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202011721
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ef6c4b1bc8dbad923344d348e4b65e087cf76c47267764cc74d1a6bb509a78

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fe1570f9bb50bf9-AMS
cf-request-id: 06e0b4bdbc00000bf903ae4000000001

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
271 B 31ms
30ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=1285566252.1607376545&jid=1336817064&_u=IEBAAUAAAAAAAC~&z=649675664

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=1285566252.1607376545&jid=1336817064&_u=IEBAAUAAAAAAAC~&z=649675664

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
890 B 81ms
80ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=334&cols=1&pv=5&cbuster=1607376545235395129516&uniqId=10299&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=1763f1ba5d3a6314144&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202011721
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a99ed58a29792e1c6c3cab2aa8ce647536b8e1dddbf5cf1582df40f57ebbe4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fe1570fdcb70bf9-AMS
cf-request-id: 06e0b4bdeb00000bf956094000000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
785 B 97ms
88ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1607376545306190686648
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202011721
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a34bf0807c29e6b3bd28cf6ac08f9908af967a87a7ee82916f55861513bbc97

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3e11594a-12bf-4940-84b1-e5ac8cf5e197
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fe157106e510bf9-AMS
cf-request-id: 06e0b4be3f00000bf918a9d000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 5BE7 19 B
313 B 88ms
86ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1607376545314841427900
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202011721
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 35586ff4-9257-4439-984b-dd458c2b59bc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fe157106e560bf9-AMS
cf-request-id: 06e0b4be3f00000bf9008d3000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp
s-img.mgid.com/g/5523139/492x277/135x0x1062x708/ 15 KB
15 KB 52ms
48ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523139/492x277/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp?v=1607376545-WTsj4506rkyqQ4LeXFU460JfVmcRJeooGknKUyBRDXo
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be32c31eebb3cd49807bc71cecc36e6960d5fd7b94c98e3ed56c83600f1226eb

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:13:01 GMT
x-mg-request-uuid: d5ec74e6-d0a8-4acc-b605-69299144d631
age: 2654285
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe157107e770bf9-AMS
content-length: 14898
cf-request-id: 06e0b4be4700000bf9fe2ce000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp
s-img.mgid.com/g/6288128/492x277/0x155x900x600/ 6 KB
7 KB 55ms
52ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/492x277/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp?v=1607376545-A6aOzGaOfqMj-qEJIettjKK_UpYIW6tTPK8-7mxaqS8
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951829f961ddc3f982de69c0520536e6c18b00992a95003ea88a26562c83730f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:13:50 GMT
x-mg-request-uuid: b6017ebc-c6b8-441c-9f11-4ba6f5d6cf58
age: 2727470
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe157107e720bf9-AMS
content-length: 6640
cf-request-id: 06e0b4be4600000bf934bec000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp
s-img.mgid.com/g/5097651/492x277/0x15x820x546/ 23 KB
23 KB 46ms
43ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097651/492x277/0x15x820x546/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp?v=1607376545-Z13L7U4RH7XOkcv9gmG2QNQC8YNYOyBIrgaXkR5kcZw
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b25fc5a7b2421e02dac1082c2e856449ad2f624f0d660ef3ca871b8c8c75c3

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:26:40 GMT
x-mg-request-uuid: a3a27ff8-c0eb-4a94-9e17-37ff78629075
age: 2574171
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe157107e7c0bf9-AMS
content-length: 23838
cf-request-id: 06e0b4be4700000bf92e12f000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805484/492x277/0x164x2046x1364/ 7 KB
7 KB 54ms
51ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805484/492x277/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1607376545-dS8rS08VkirAMPU163z6ceajNc5ZRpEgPv7cgO3j1W4
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab67b15b447ad18a142cb1cb479290fbbb78119d70dc005440b13a3dbb25e4b5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:24:08 GMT
x-mg-request-uuid: ac770cce-e798-4506-aa58-497efe116a02
age: 2494070
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe157107e740bf9-AMS
content-length: 6702
cf-request-id: 06e0b4be4600000bf9232fe000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp
s-img.mgid.com/g/5523139/492x277/135x0x1062x708/ Frame E6DD 15 KB
15 KB 44ms
41ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523139/492x277/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp?v=1607376545-WTsj4506rkyqQ4LeXFU460JfVmcRJeooGknKUyBRDXo
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be32c31eebb3cd49807bc71cecc36e6960d5fd7b94c98e3ed56c83600f1226eb

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:13:01 GMT
x-mg-request-uuid: d5ec74e6-d0a8-4acc-b605-69299144d631
age: 2654285
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe157107e780bf9-AMS
content-length: 14898
cf-request-id: 06e0b4be4700000bf92d014000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp
s-img.mgid.com/g/6288128/492x277/0x155x900x600/ Frame E6DD 6 KB
7 KB 48ms
47ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/492x277/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp?v=1607376545-A6aOzGaOfqMj-qEJIettjKK_UpYIW6tTPK8-7mxaqS8
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951829f961ddc3f982de69c0520536e6c18b00992a95003ea88a26562c83730f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:13:50 GMT
x-mg-request-uuid: b6017ebc-c6b8-441c-9f11-4ba6f5d6cf58
age: 2727470
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe157107e760bf9-AMS
content-length: 6640
cf-request-id: 06e0b4be4700000bf9fdb3e000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp
s-img.mgid.com/g/5097651/492x277/0x15x820x546/ Frame E6DD 23 KB
23 KB 46ms
45ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097651/492x277/0x15x820x546/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp?v=1607376545-Z13L7U4RH7XOkcv9gmG2QNQC8YNYOyBIrgaXkR5kcZw
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b25fc5a7b2421e02dac1082c2e856449ad2f624f0d660ef3ca871b8c8c75c3

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:26:40 GMT
x-mg-request-uuid: a3a27ff8-c0eb-4a94-9e17-37ff78629075
age: 2574171
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe15710af1e0bf9-AMS
content-length: 23838
cf-request-id: 06e0b4be6d00000bf9258f7000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805484/492x277/0x164x2046x1364/ Frame E6DD 7 KB
7 KB 48ms
47ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805484/492x277/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1607376545-dS8rS08VkirAMPU163z6ceajNc5ZRpEgPv7cgO3j1W4
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab67b15b447ad18a142cb1cb479290fbbb78119d70dc005440b13a3dbb25e4b5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:24:08 GMT
x-mg-request-uuid: ac770cce-e798-4506-aa58-497efe116a02
age: 2494070
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe15710bf2b0bf9-AMS
content-length: 6702
cf-request-id: 06e0b4be7400000bf934bf1000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC81MzYyOTQ5ODY4NTNlMzBkMzAwNzk2YWMyOTBlN2FmMC5qcGVn.webp
s-img.mgid.com/g/3805669/492x328/0x245x736x490/ 18 KB
18 KB 38ms
38ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805669/492x328/0x245x736x490/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC81MzYyOTQ5ODY4NTNlMzBkMzAwNzk2YWMyOTBlN2FmMC5qcGVn.webp?v=1607376545-dkULt1vm340Kn0KbPoVG7iTTh8u3UEevMHTWzsNJSJk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fcc185ecfb2dc1fbc55679e535adad1f14f85237cb5554191cce2b03aabcf33

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Sep 2020 01:31:54 GMT
x-mg-request-uuid: 9cf535d8-17c6-4878-a470-f1d41d007885
age: 2840367
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe15710bf350bf9-AMS
content-length: 18178
cf-request-id: 06e0b4be7100000bf9350ee000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC81MzYyOTQ5ODY4NTNlMzBkMzAwNzk2YWMyOTBlN2FmMC5qcGVn.webp
s-img.mgid.com/g/3805669/492x328/0x245x736x490/ Frame 39F2 18 KB
18 KB 42ms
41ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805669/492x328/0x245x736x490/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC81MzYyOTQ5ODY4NTNlMzBkMzAwNzk2YWMyOTBlN2FmMC5qcGVn.webp?v=1607376545-dkULt1vm340Kn0KbPoVG7iTTh8u3UEevMHTWzsNJSJk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fcc185ecfb2dc1fbc55679e535adad1f14f85237cb5554191cce2b03aabcf33

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Sep 2020 01:31:54 GMT
x-mg-request-uuid: 9cf535d8-17c6-4878-a470-f1d41d007885
age: 2840367
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fe15710bf420bf9-AMS
content-length: 18178
cf-request-id: 06e0b4be7300000bf90639a000000001
server: cloudflare

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame AA30
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

113ms
38ms

Document
text/html

184.24.15.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1607376545306190686648
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.15.122 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-15-122.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 Dec 2020 21:29:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Mon, 07 Dec 2020 21:29:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=xho63F1nFHA.AikABlF2PxvnRA&expires=30&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=d31d58dd-e0c8-4e2a-8f6a-6bdf7550c046&gdpr=&gdpr_consent=&us_privacy=

43 B
433 B

105ms
104ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=d31d58dd-e0c8-4e2a-8f6a-6bdf7550c046&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:06 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9d6482ad-be82-4f82-8233-94659fd8a2e3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fe15714db950bf9-AMS
cf-request-id: 06e0b4c10800000bf9113d0000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=d31d58dd-e0c8-4e2a-8f6a-6bdf7550c046&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 07 Dec 2020 21:29:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2I3NVpCaHBOX3Rk&muidn=kb75ZBhpN_td
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2I3NVpCaHBOX3Rk&muidn=kb75ZBhpN_td&google_tc=
https://cm.mgid.com/google?muidn=kb75ZBhpN_td&google_ula={guid},5&google_gid=CAESECTRQpt0fEumoygViZEM4cc&google_cver=1

0
115 B

82ms
80ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=kb75ZBhpN_td&google_ula={guid},5&google_gid=CAESECTRQpt0fEumoygViZEM4cc&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fe157121b5b0bf9-AMS
cf-request-id: 06e0b4bf4b00000bf9051c8000000001

Redirect headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=kb75ZBhpN_td&google_ula={guid},5&google_gid=CAESECTRQpt0fEumoygViZEM4cc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 138ms
77ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=kb75ZBhpN_td
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fe157114e8e0be5-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06e0b4bed000000be5c6191000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=t5GWP1XiqV8Inx0uOpPf&pi=mgid&tc=1

43 B
418 B

81ms
80ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=t5GWP1XiqV8Inx0uOpPf&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9ef0b7f7-c51b-42d0-a772-3590ce18c117
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fe15711aa500bf9-AMS
cf-request-id: 06e0b4bf0c00000bf931228000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=t5GWP1XiqV8Inx0uOpPf&pi=mgid&tc=1
pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT, Mon, 07 Dec 2020 21:29:05 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=7aafdce4-8559-484d-bed0-a2463405dfaa&ttl=1609968545

43 B
291 B

99ms
98ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=7aafdce4-8559-484d-bed0-a2463405dfaa&ttl=1609968545
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5b219cca-e667-43fb-9208-d9aa842257f9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fe157122bbd0bf9-AMS
cf-request-id: 06e0b4bf5e00000bf92d038000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=7aafdce4-8559-484d-bed0-a2463405dfaa&ttl=1609968545
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
559 B 155ms
98ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=kb75ZBhpN_td
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:29:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fe15711487d0c21-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06e0b4bed600000c21d81b9000000001

GET
H2

200

rtset
bh.contextweb.com/bh/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb75ZBhpN_td
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kb75ZBhpN_td
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=d31d58dd-e0c8-4e2a-8f6a-6bdf7550c046

49 B
406 B

326ms
114ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=d31d58dd-e0c8-4e2a-8f6a-6bdf7550c046

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-q5gj7
expires: -1

Redirect headers

location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=d31d58dd-e0c8-4e2a-8f6a-6bdf7550c046
date: Mon, 07 Dec 2020 21:29:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 jsDynamic-bin-rev-20201111.js Show response
beforeitsnews.com/static/js-v3/ 8 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

616f3c5387758aff936d47c41a8ef8cc07b400b64b3d3e5d07634b2e31de4773

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2331599
cf-polished: origSize=7865
cf-bgj: minify
cf-request-id: 06e0b4c75d00002be902875000000001
last-modified: Tue, 10 Nov 2020 21:45:58 GMT
server: cloudflare
etag: W/"5fab0a16-1eb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe1571efed02be9-FRA
expires: Tue, 17 Nov 2020 21:49:08 GMT

GET
H2 200 responsive-bin-rev-20201111.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
871 B 22ms
21ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20201111.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2331599
cf-polished: origSize=1728
cf-bgj: minify
cf-request-id: 06e0b4c75d00002be97d88c000000001
last-modified: Tue, 10 Nov 2020 21:45:59 GMT
server: cloudflare
etag: W/"5fab0a17-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe1571efed42be9-FRA
expires: Tue, 17 Nov 2020 21:49:08 GMT

GET
H2 200 validate-bin-rev-20201111.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 23ms
22ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20201111.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2331599
cf-bgj: minify
cf-request-id: 06e0b4c75e00002be91b036000000001
last-modified: Tue, 10 Nov 2020 21:46:00 GMT
server: cloudflare
etag: W/"5fab0a18-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe1571efed82be9-FRA
expires: Tue, 17 Nov 2020 21:49:08 GMT

GET
H2 200 loadmore-bin-rev-20201111.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
2 KB 40ms
40ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20201111.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2331599
cf-polished: origSize=14745
cf-bgj: minify
cf-request-id: 06e0b4c75e00002be911a19000000001
last-modified: Tue, 10 Nov 2020 21:45:59 GMT
server: cloudflare
etag: W/"5fab0a17-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 5fe1571efede2be9-FRA
expires: Tue, 17 Nov 2020 21:49:08 GMT

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
1 KB 128ms
38ms Script
text/html 52.210.180.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_477&c=1607376547700&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.180.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-180-12.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e14fd22d8f1cba0a33f36f95f543b9f411d607d76d889095ffdfc873d4081669

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:07 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 1246

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
1 KB 128ms
38ms Script
text/html 52.210.180.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=100246&t=rc_403&c=1607376547700&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.180.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-180-12.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

b503e31cfe63d848eddeb8731014874cf44742b4be3eb4d8501acfab8049bd33

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:07 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 1245

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 90ms
26ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:07 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 19:48:42 GMT
server: nginx
etag: W/"5364-1607284122851"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

POST
H2 200 get_banners_direct.php Show response
beforeitsnews.com/core/ajax/contributor/v3_banners/ 1 KB
506 B 611ms
609ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_banners/get_banners_direct.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f72490d9c524bfb7fffcbe14dbcd750e4b60db2866e5696e73a53da206b158d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 07 Dec 2020 21:29:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 5fe1571f3f6e2be9-FRA
cf-request-id: 06e0b4c78600002be9251b5000000001

GET
H2 200 showing.php Show response
beforeitsnews.com/core/ajax/contributor/v3_live_stream/ 900 B
519 B 600ms
598ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_live_stream/showing.php?_=1607376547714

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b93f9e2b17328253ab18b78662f595fe0de7f661d0450644c412bc3eb06e98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 07 Dec 2020 21:29:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 5fe1571f3f732be9-FRA
cf-request-id: 06e0b4c78700002be93a97a000000001

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 32ms
14ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:07 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 51
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 5fe1571f5d72c2ae-FRA
cf-request-id: 06e0b4c7960000c2ae4e8ae000000001
expires: Tue, 08 Dec 2020 09:29:07 GMT

GET
H2 200 get_items_to_show.php Show response
beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 46 KB
3 KB 583ms
582ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1607376547715

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60e5253dd385469f2a17ada4ff9ff725f03d15212b849c9df78c90ab542866e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 07 Dec 2020 21:29:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 5fe1571f3f772be9-FRA
cf-request-id: 06e0b4c78700002be94c87d000000001

GET
H2 200 get-most-recent-stories-list.php Show response
beforeitsnews.com/v3/recent/ 14 KB
3 KB 449ms
448ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1607376547715

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e52b749ef82c355040d7b29d269533b9d5f2c919d180a6a919ae2e3431e24c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 07 Dec 2020 21:29:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 5fe1571f3f7a2be9-FRA
cf-request-id: 06e0b4c78700002be92a3fe000000001

GET
H/1.1 200
OK 10864438442185062
lockerdome.com/lad/ Frame 519D 0
0 482ms
127ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Mon, 07 Dec 2020 21:29:08 GMT

GET
H/1.1 200
OK 10864440455450982
lockerdome.com/lad/ Frame 0143 0
0 479ms
126ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Mon, 07 Dec 2020 21:29:08 GMT

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 61 KB
61 KB 282ms
282ms XHR
text/javascript 52.210.180.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_477&c=1607376547700&width=1600&site_url=https%3A%2F%2Fbeforeitsnews.com%2F&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=111268&t=rc_477&c=1607376547700&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.180.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-180-12.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

7f8fa3a16566232c988d73bb7e7bd0f5c61cc2f760383032e7d0142a78fd2ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Mon, 07 Dec 2020 21:29:08 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/javascript; charset=utf-8

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 70 KB
70 KB 162ms
162ms XHR
text/javascript 52.210.180.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=100246&t=rc_403&c=1607376547700&width=1600&site_url=https%3A%2F%2Fbeforeitsnews.com%2F&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=100246&t=rc_403&c=1607376547700&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.180.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-180-12.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

9d65dad52a677f45b220aec197cbc2b49dbab9a95433e625704ad61fa0f0554b

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Mon, 07 Dec 2020 21:29:07 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ 83 KB
23 KB 310ms
146ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 14:23:42 GMT
etag: "1607351022"
x-hw: 1607376548.cds067.lo4.hn,1607376548.cds097.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=58
accept-ranges: bytes
content-length: 23124

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ 280 KB
84 KB 207ms
44ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6df1457515a690c33717b2eca10548b3fbe947e30b05365471a2d04ba64273af

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 14:23:42 GMT
etag: "1607351022"
x-hw: 1607376548.cds067.lo4.hn,1607376548.cds077.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=13
accept-ranges: bytes
content-length: 85554

GET
H2 200 5f91376fe5f321-32230255.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 19 KB
19 KB 109ms
35ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/5f91376fe5f321-32230255.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ea5b0ba52a4aa797125b0d377004b96cb44bed1cbc19dd33c2afd271773482b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5f91376fe5f321-32230255.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-10-22T15:53:42.914Z;desc=hit,rtt;dur=1
content-length: 19180
last-modified: Thu, 22 Oct 2020 15:50:36 GMT
server: Cloudinary
etag: "0c42c1b9dc3403a5d40b3469bf9c80bd"
vary: Accept
x-hw: 1607376548.cds017.lo4.hn,1607376548.cds211.lo4.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 42eec848aeec054d87c759df07fd4365.jpeg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 8 KB
8 KB 109ms
35ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/42eec848aeec054d87c759df07fd4365.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a9b1dac4640ae24465170fdc8a89216f09922c0ec41e9dc668c4d7d5d0650359

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="42eec848aeec054d87c759df07fd4365.webp"
server-timing: fastly;dur=105;cpu=0;start=2020-11-10T17:54:21.135Z;desc=miss,rtt;dur=0,cloudinary;dur=26;start=2020-11-10T17:54:21.166Z
content-length: 8068
last-modified: Tue, 10 Nov 2020 17:43:00 GMT
server: Cloudinary
etag: "069af10ceb55ac50a045fa2586973bd4"
vary: Accept
x-hw: 1607376548.cds017.lo4.hn,1607376548.cds270.lo4.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15668969740703842202.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 33 KB
33 KB 134ms
60ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/15668969740703842202.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5b3bfe799da558857b11d4b32be4aa2ab97c5c7023630d4223846c825a551c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15668969740703842202.webp"
server-timing: fastly;dur=131;cpu=1;start=2020-11-14T14:30:40.243Z;desc=miss,rtt;dur=0,cloudinary;dur=52;start=2020-11-14T14:30:40.284Z
content-length: 33718
last-modified: Thu, 13 Aug 2020 13:59:15 GMT
server: Cloudinary
etag: "0278445402cfcdf317daa1702e2fb560"
vary: Accept
x-hw: 1607376548.cds017.lo4.hn,1607376548.cds209.lo4.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15640404341084736444.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 13 KB
13 KB 158ms
83ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/15640404341084736444.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4b7a80b126587ef6fb9ef1f99263f8a3af84a1562866d2ea40b56364eb0c010b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15640404341084736444.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-10-20T15:18:57.365Z;desc=hit,rtt;dur=0
content-length: 13056
last-modified: Thu, 13 Aug 2020 13:59:18 GMT
server: Cloudinary
etag: "453dbe6bfd0cec57090d1fa5c8ae8805"
vary: Accept
x-hw: 1607376548.cds017.lo4.hn,1607376548.cds279.lo4.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
1020 B 43ms
29ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Scada

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24f9f738d7dfc72a5d156f1d0f255ff3cfeba564708dc8cfbc0c20e929cc5c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 21:29:08 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 07 Dec 2020 21:29:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:29:08 GMT

GET
H2 200 5fb646e79d8d94-96702068.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 11 KB
12 KB 79ms
79ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/5fb646e79d8d94-96702068.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

08e24203faefd371ec6a5cc290fa676a3ac558f20b4b45f0e21196ea3a8b5162

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5fb646e79d8d94-96702068.webp"
server-timing: fastly;dur=122;cpu=0;start=2020-11-19T19:50:08.160Z;desc=miss,rtt;dur=0,cloudinary;dur=44;start=2020-11-19T19:50:08.199Z
content-length: 11768
last-modified: Thu, 19 Nov 2020 19:37:37 GMT
server: Cloudinary
etag: "91be45768c529215b40725adcb062c7e"
vary: Accept
x-hw: 1607376548.cds017.lo4.hn,1607376548.cds089.lo4.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5f91a780e418f7-17609804.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 21 KB
21 KB 84ms
83ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/5f91a780e418f7-17609804.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9a93ff3c9057863ee52c00f8bf074e05c31d759a8cdbddd0a69c6be14a86d70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5f91a780e418f7-17609804.webp"
server-timing: fastly;dur=114;cpu=1;start=2020-10-23T15:55:53.842Z;desc=miss,rtt;dur=0,cloudinary;dur=35;start=2020-10-23T15:55:53.881Z
content-length: 21248
last-modified: Fri, 23 Oct 2020 14:30:13 GMT
server: Cloudinary
etag: "eb5f5b103f89b23714b982c9b9767a94"
vary: Accept
x-hw: 1607376548.cds017.lo4.hn,1607376548.cds248.lo4.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK smith%202.jpg
fw-d7-freedomworks-org.s3.amazonaws.com/styles/large/s3/field/image/ 28 KB
29 KB 512ms
140ms Image
image/jpeg 52.217.71.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fw-d7-freedomworks-org.s3.amazonaws.com/styles/large/s3/field/image/smith%202.jpg?itok=-ZvUOOTK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.71.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41efe3a4122c5af45e9516f3c72f8f062d6e40adc6da1d1f49e6e3b9c9ad048d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 21:29:09 GMT
Last-Modified: Mon, 07 Dec 2020 21:11:57 GMT
Server: AmazonS3
x-amz-request-id: 8F8C683412E475B9
ETag: "a818cd184f3f52a21543008d5a29bfa4"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 29049
x-amz-id-2: gOMvNKbzsOqdtyP4+/Fw3gGz+ECeWsOYeJFcDzOefqsVoA01wwqzAzIll/gCocEMgZJQo+nn3bo=

GET
H/1.1 200
OK scotus_2.jpg
fw-d7-freedomworks-org.s3.amazonaws.com/styles/large/s3/field/image/ 24 KB
24 KB 513ms
139ms Image
image/jpeg 52.217.71.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fw-d7-freedomworks-org.s3.amazonaws.com/styles/large/s3/field/image/scotus_2.jpg?itok=7bCqEUgy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.71.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08237db442ae87fdfe2205756065c3bfa73b3e2cf505b862624ade23944f331e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 21:29:09 GMT
Last-Modified: Mon, 07 Dec 2020 21:18:48 GMT
Server: AmazonS3
x-amz-request-id: 9C2A28426A18974A
ETag: "d5f3a9ae5fac43e3d6f403ca2b862574"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 24590
x-amz-id-2: etwuz1UDINrVs08BBHOCxWre79WgtO1es0bnEVK5RB3gm32EpuVHp75vE7KACveBSh9D94xkuzI=

GET
H2 200 LAmayorGarcetti-e1596712488371.jpg
www.shtfplan.com/wp-content/uploads/2020/08/ 7 KB
7 KB 126ms
48ms Image
image/jpeg 104.28.13.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shtfplan.com/wp-content/uploads/2020/08/LAmayorGarcetti-e1596712488371.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.28.13.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e267533f2d0b0e4f46001f0551a48b9005db632b0490032bc592e650c34a981

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 224
content-length: 6774
cf-request-id: 06e0b4c9b4000040fcf507f000000001
last-modified: Thu, 06 Aug 2020 11:14:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xZrCFkTUSsjkNz2lYH0DWgoPO2q6HTieXl%2FdbyqmmhrIYcWJxbAYFKFjTZK4Rg1ZiZSHy7iEyrsSzYgBBjkzFgiCOYs98OFRZQsoz9bO8E7I"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fe15722b8e840fc-LHR
expires: Tue, 07 Dec 2021 21:25:24 GMT

GET
H2 200 6rlI0QDOxRCHUYnXE0TOIPGgppRM9toA5_ZqCT4JSFNJuo_yQqzAiYCpMKuZZadIQnhqrEGMM65gWGT7RXago9ljNO-dl7MhuAqBmooTIN4Cic8d7XuMJXLHvAQqFNo2yr1ntNLt0L67HLgotedXLCt2f7RYQ6SJhLsbfH8=s0-d-e1-ft
ci5.googleusercontent.com/proxy/ 128 KB
129 KB 30ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ci5.googleusercontent.com/proxy/6rlI0QDOxRCHUYnXE0TOIPGgppRM9toA5_ZqCT4JSFNJuo_yQqzAiYCpMKuZZadIQnhqrEGMM65gWGT7RXago9ljNO-dl7MhuAqBmooTIN4Cic8d7XuMJXLHvAQqFNo2yr1ntNLt0L67HLgotedXLCt2f7RYQ6SJhLsbfH8=s0-d-e1-ft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab055242828fcfab401fbc04b30e2ee44f478bddacdcdc58c9acd59ce4b92c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:49:52 GMT
x-content-type-options: nosniff
server: fife
age: 5956
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400
content-disposition: attachment;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131563
x-xss-protection: 0

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/fdV3b8Lizf0/ 27 KB
27 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/fdV3b8Lizf0/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e2d3552676fba639ef5f82682a026bf6ac5f3b86a50b9835194966a4fda180c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:28:02 GMT
x-content-type-options: nosniff
server: sffe
age: 66
etag: "1607199748"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27722
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:33:02 GMT

GET
H2 200 1f1fa-1f1f8.png
s.w.org/images/core/emoji/13.0.0/72x72/ 350 B
545 B 83ms
27ms Image
image/png 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.0/72x72/1f1fa-1f1f8.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

f21f8537b9b087805efd4334b8f0904aa547ba84c2c6a647d002fef16f42aa26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 07 Dec 2020 21:29:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 17:45:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 350
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f621.png
s.w.org/images/core/emoji/13.0.0/72x72/ 683 B
717 B 57ms
28ms Image
image/png 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.0/72x72/1f621.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

f65d755195cfb95f5c3e38a33d5ccd935236ff2869a720cdbcb8ac667c073e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 07 Dec 2020 21:29:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 17:45:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 683
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 no-img.png
beforeitsnews.com/img/v3/ 1 KB
2 KB 32ms
28ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/no-img.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 325696
cf-polished: origFmt=png, origSize=1604
content-disposition: inline; filename="no-img.webp"
cf-bgj: imgq:100,h2pri
content-length: 1298
cf-request-id: 06e0b4c94e00002be971b7d000000001
last-modified: Wed, 06 Jun 2018 18:26:21 GMT
server: cloudflare
etag: "5b18274d-644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1572218542be9-FRA
expires: Sat, 04 Dec 2021 03:00:52 GMT

GET
H2 200 2020-12-07.jpg
zh-prod-1cc738ca-7d3b-4a72-b792-20bd8d8fa069.storage.googleapis.com/s3fs-public/inline-images/ 51 KB
52 KB 30ms
8ms Image
image/jpeg 2a00:1450:4001:819::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zh-prod-1cc738ca-7d3b-4a72-b792-20bd8d8fa069.storage.googleapis.com/s3fs-public/inline-images/2020-12-07.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a5112e47448f7c9c14a54d16acae79a8b99ac88cea5e51985a0bd512b3324507

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:20:18 GMT
age: 530
x-guploader-uploadid: ABg5-UztY5YKD72Zqss6jTAaKYCmoYjOU3bl3XuBazxDdqU3pmSrxVJw0ihw_JbBrKo8nYBA1W5umiI7jB3hERRB4Q-TY2fNFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52606
last-modified: Mon, 07 Dec 2020 20:07:40 GMT
server: UploadServer
etag: "0ee25816a88e80cc7b3bc172fac27fc3"
vary: Origin
x-goog-hash: crc32c=H3xnzQ==, md5=DuJYFqiOgMx7O8Fy+sJ/ww==
x-goog-generation: 1607371660132869
cache-control: public, max-age=3600
x-goog-stored-content-length: 52606
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 07 Dec 2020 22:20:18 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/4F6Mt85Z3a4/ 33 KB
33 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/4F6Mt85Z3a4/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467080e4fbf06782920301480f0bb2b328d2e2905525dea409d3dec25136f72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1607343457"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34085
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:34:08 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/8dL9uEd52To/ 43 KB
43 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/8dL9uEd52To/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fda64b6ff81afab2632a1322c0bde8b6213f1b05a96e0638fe899e62bbdba11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:28:02 GMT
x-content-type-options: nosniff
server: sffe
age: 66
etag: "1607359816"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44407
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:33:02 GMT

GET
H2 200 bombingfootage.jpg
zh-prod-1cc738ca-7d3b-4a72-b792-20bd8d8fa069.storage.googleapis.com/s3fs-public/inline-images/ 13 KB
14 KB 23ms
7ms Image
image/jpeg 2a00:1450:4001:819::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zh-prod-1cc738ca-7d3b-4a72-b792-20bd8d8fa069.storage.googleapis.com/s3fs-public/inline-images/bombingfootage.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3febfe1a39cfb389978f39a42c9ccdbe32aa5013a929adc4ddf9576776ff1306

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:45:22 GMT
age: 2626
x-guploader-uploadid: ABg5-UxOMuLCafJGKFn6pKaZ0KUhf08wDuI791onI1VLeIUpNWlRmOrLTb7TKmObndK_4pqIa1kht1bED3MtP7M1yYn6LYuk9g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13524
last-modified: Mon, 07 Dec 2020 14:43:29 GMT
server: UploadServer
etag: "f8df31134de1aae42e60119c86cf6d43"
vary: Origin
x-goog-hash: crc32c=XsmC4Q==, md5=+N8xE03hquQuYBGchs9tQw==
x-goog-generation: 1607352209649307
cache-control: public, max-age=3600
x-goog-stored-content-length: 13524
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 07 Dec 2020 21:45:22 GMT

GET
H2

200

Dr-Steve-Pieczenik.jpg
beforeitsnews.com/contributor/upload/662794/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/662794/images/Dr-Steve-Pieczenik.jpg
https://beforeitsnews.com/contributor/upload/662794/images/Dr-Steve-Pieczenik.jpg

23 KB
23 KB

25ms
23ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/662794/images/Dr-Steve-Pieczenik.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e4889710c23da4845566b6bcf7e01709c95b8a6db7cc3a268803c906370ae48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2373
cf-polished: origSize=24425, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 23152
cf-request-id: 06e0b4c99900002be9670ca000000001
last-modified: Mon, 07 Dec 2020 20:48:19 GMT
server: cloudflare
etag: "5fce9513-5f69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1572289d72be9-FRA
expires: Tue, 07 Dec 2021 20:49:35 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/662794/images/Dr-Steve-Pieczenik.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

A_Throne.jpg
beforeitsnews.com/contributor/upload/461640/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/461640/images/A_Throne.jpg
https://beforeitsnews.com/contributor/upload/461640/images/A_Throne.jpg

30 KB
30 KB

36ms
35ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/461640/images/A_Throne.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4074d9505e6dfff7df3726f6e77da5afb0db6a63b3dc719274c5cc588aa84a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3461
cf-polished: origSize=32535, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 30882
cf-request-id: 06e0b4c99900002be9fea46000000001
last-modified: Mon, 07 Dec 2020 20:28:44 GMT
server: cloudflare
etag: "5fce907c-7f17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1572289dc2be9-FRA
expires: Tue, 07 Dec 2021 20:31:27 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/461640/images/A_Throne.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

Trump%20blood%20vaccine(2).jpg
beforeitsnews.com/contributor/upload/724569/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/724569/images/Trump%20blood%20vaccine(2).jpg
https://beforeitsnews.com/contributor/upload/724569/images/Trump%20blood%20vaccine(2).jpg

14 KB
14 KB

31ms
31ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Trump%20blood%20vaccine(2).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4a138bb79cf44c56623e45510dd0069ad16eadc93d308c976a4d926dcd9799

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2992425
cf-polished: origSize=19818, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 14382
cf-request-id: 06e0b4c99a00002be94910b000000001
last-modified: Tue, 20 Oct 2020 13:57:12 GMT
server: cloudflare
etag: "5f8eecb8-4d6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe1572289dd2be9-FRA
expires: Wed, 03 Nov 2021 06:15:23 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/724569/images/Trump%20blood%20vaccine(2).jpg
Non-Authoritative-Reason: HSTS

GET
H2 200 Xmas%2Bsongs%2Bby%2Brelease%2Bdate.png
1.bp.blogspot.com/-R1w8kaWrOU0/X86KcYy6tII/AAAAAAAAKjw/HbAqToNvYUQyHeiXi3CjQNsWo6pEp2axgCLcBGAsYHQ/s400/ 8 KB
8 KB 9ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-R1w8kaWrOU0/X86KcYy6tII/AAAAAAAAKjw/HbAqToNvYUQyHeiXi3CjQNsWo6pEp2axgCLcBGAsYHQ/s400/Xmas%2Bsongs%2Bby%2Brelease%2Bdate.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d4555bf93d7832584ef57d0312537869babc63acbf43569a525011595463ca40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:30:35 GMT
x-content-type-options: nosniff
age: 3513
content-disposition: inline;filename="Xmas songs by release date.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7777
x-xss-protection: 0
server: fife
etag: "v2a3d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 08 Dec 2020 20:30:35 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/x7CxM1anfPE/ 41 KB
41 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/x7CxM1anfPE/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

996324fa5bfb0e9f961e8531164dcd2e8ea002fbfb32ce02603061f47c7a5e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1607290115"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41957
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:34:08 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/vcKz1OGZ7_I/ 39 KB
39 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/vcKz1OGZ7_I/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd626e58fb9f946dff6617370e24928df1444bcea2a9dedf93e80ef296ce598c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:27:37 GMT
x-content-type-options: nosniff
server: sffe
age: 91
etag: "1607132327"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40319
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:32:37 GMT

GET
H/1.1 200
OK Panthers-Draft-1024x576.jpg
www.panthersgab.com/wp-content/uploads/2020/04/ 144 KB
145 KB 636ms
245ms Image
image/jpeg 207.55.249.212
AS17054

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.panthersgab.com/wp-content/uploads/2020/04/Panthers-Draft-1024x576.jpg
Protocol: HTTP/1.1
Server: 207.55.249.212 St. Petersburg, United States, ASN17054 (AS17054, US),
Reverse DNS
Software: Apache/2.4.46 (cPanel) OpenSSL/1.1.1h mod_bwlimited/1.4 /
Resource Hash: e2220d5f028c1b13784d4623b64bfe98a50da0315b601332d7057ed6ccf30047

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 21:29:14 GMT
Last-Modified: Sun, 26 Apr 2020 18:55:00 GMT
Server: Apache/2.4.46 (cPanel) OpenSSL/1.1.1h mod_bwlimited/1.4
ETag: "5c4112a-24165-5a43622b3ff91"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=100
Content-Length: 147813

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/xHZFbXXcGmY/ 29 KB
29 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/xHZFbXXcGmY/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc841eec8688e637094b23692a9145bc077c33bc2200aede39663f23129be2e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:47:53 GMT
x-content-type-options: nosniff
server: sffe
age: 2475
etag: "1606954543"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29235
x-xss-protection: 0
expires: Mon, 07 Dec 2020 22:47:53 GMT

GET
H2 200 ufos-unidentified-flying-objects-goverment-admits-they-are-real.jpg
www.nowtheendbegins.com/wp-content/uploads/2019/06/ 36 KB
36 KB 149ms
41ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nowtheendbegins.com/wp-content/uploads/2019/06/ufos-unidentified-flying-objects-goverment-admits-they-are-real.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

42461d697c9d50fb78121ba69020a18f7227c9144f0d9704fe749f71bb5ffa93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 36908
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jun 2019 16:38:49 GMT
server: nginx
etag: "5cf69e99-902c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19006
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: STATIC/PATH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v35/ 12 KB
12 KB 6ms
6ms Font
font/woff 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v35/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Scada

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 22:06:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 19:17:24 GMT
server: sffe
age: 516160
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12672
x-xss-protection: 0
expires: Wed, 01 Dec 2021 22:06:28 GMT

GET
H3-Q050 200 RLpxK5Pv5qumeVJvzTQKbVvu.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLpxK5Pv5qumeVJvzTQKbVvu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Scada

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

788a08bf62ef367edb51976a66fd9c5abc5ad55f4fa1ac66d3abde2ac76da67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 11:36:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:20:39 GMT
server: sffe
age: 208388
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8984
x-xss-protection: 0
expires: Sun, 05 Dec 2021 11:36:00 GMT

GET
H2 200 OMSDhEhKOHE
www.youtube.com/embed/ Frame 233C 0
0 80ms
80ms Document
text/html 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OMSDhEhKOHE?rel=0&autoplay=0&mute=0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/OMSDhEhKOHE?rel=0&autoplay=0&mute=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-length: 20593
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-encoding: br
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Mon, 07 Dec 2020 21:29:08 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=fanInTdoix8; path=/; domain=.youtube.com; secure; expires=Sat, 05-Jun-2021 21:29:08 GMT; httponly; samesite=None YSC=_gTzjlf8M2M; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 07-Dec-2020 21:59:08 GMT VISITOR_INFO1_LIVE=fanInTdoix8; path=/; domain=.youtube.com; secure; expires=Sat, 05-Jun-2021 21:29:08 GMT; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.bitchute.com/embed/xlmCvOqhPHdw/ Frame 6244 0
0 137ms
137ms Document
text/html 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/embed/xlmCvOqhPHdw/

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bitchute.com
:scheme: https
:path: /embed/xlmCvOqhPHdw/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dbeb1bca495afaec00f86c7cbd3bec5e11607376548; expires=Wed, 06-Jan-21 21:29:08 GMT; path=/; domain=.bitchute.com; HttpOnly; SameSite=Lax; Secure
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 06e0b4c9e90000980e5c8d1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sETD273Y6d99eYEUkFv6SBVEl%2BWuiEnTrfwBJCEGoD5nasy2RGU42tHhjirXdacApuJcYedhyowgL0Dj235WHvwbO21p6HYb6tbQh8vplGECkthKUck5D6Ss%2FKjg"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fe157230b67980e-FRA
content-encoding: br

GET
H2 200 8a2c33fe4da6cea119e5201176d70b5093993a8b.jpeg
beforeitsnews.com/img/i2020/12/ 18 KB
18 KB 99ms
97ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2020/12/8a2c33fe4da6cea119e5201176d70b5093993a8b.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3c5fdbf34000529f48e46274bce5939ec0de24acf7f7e3b595d726de1ead61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 577731
cf-polished: origSize=19938, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 18431
cf-request-id: 06e0b4ca0e00002be949113000000001
last-modified: Wed, 21 Aug 2019 02:34:20 GMT
server: cloudflare
etag: "5d5cadac-4de2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe157234bd32be9-FRA
expires: Wed, 01 Dec 2021 05:00:17 GMT

GET
H2 200 86207ec5af26ab091ead71c3e5c93d7372fdc38b.jpeg
beforeitsnews.com/img/i2020/12/ 11 KB
12 KB 36ms
34ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2020/12/86207ec5af26ab091ead71c3e5c93d7372fdc38b.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc8e08468064fa06b5ad063470793938f4d9de97a862b9bde04b86e8e86bb02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:29:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 396648
cf-polished: origSize=12912, status=webp_bigger
cf-bgj: imgq:100,h2pri
content-length: 11685
cf-request-id: 06e0b4ca0e00002be92a051000000001
last-modified: Wed, 21 Aug 2019 02:46:36 GMT
server: cloudflare
etag: "5d5cb08c-3270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 5fe157234bd82be9-FRA
expires: Fri, 03 Dec 2021 07:18:20 GMT

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
197 B 173ms
62ms XHR
text/html 52.210.180.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.180.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-180-12.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Mon, 07 Dec 2020 21:29:08 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
196 B 155ms
64ms XHR
text/html 52.210.180.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.180.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-180-12.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Mon, 07 Dec 2020 21:29:08 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22TXTjlxWJF%22%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1607376545298%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1607376545338%7D%7D
.beforeitsnews.com/	1970-01-19 14:29:36	Name: _gat_gtag_UA_16055024_1 Value: 1
.beforeitsnews.com/	1970-01-19 14:31:02	Name: _gid Value: GA1.2.1687429249.1607376545
beforeitsnews.com/	1970-01-20 14:29:36	Name: b4in-uuid Value: 3d561410-b7cc-4e95-83e0-a39bf99bb8b9
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
.beforeitsnews.com/	1970-01-20 08:00:48	Name: _ga Value: GA1.2.1285566252.1607376545
.beforeitsnews.com/	1970-01-19 15:12:48	Name: __cfduid Value: d652b169dd6f0c39742bc24f187fcdb631607376543

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://beforeitsnews.com/(Line 494) Message: [Web Cached] Loaded time: 0.00279s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	info	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js(Line 39) Message: adsVideosRotating: id20 views: 699.6k
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202011721(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202011721(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ams.creativecdn.com
beforeitsnews.com
bh.contextweb.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.mgid.com
cdn.onesignal.com
cdn.revcontent.com
cdn.shopify.com
cdn2.lockerdomecdn.com
ci5.googleusercontent.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw-d7-freedomworks-org.s3.amazonaws.com
hub.umd.edu
i.ytimg.com
images.revcontent.com
img.youtube.com
jsc.mgid.com
justusaknight.files.wordpress.com
l.sharethis.com
lisahaven.news
lockerdome.com
match.adsrvr.org
pagead2.googlesyndication.com
platform-api.sharethis.com
px.adhigh.net
rddywd.com
s-img.mgid.com
s.w.org
secure-assets.rubiconproject.com
servicer.mgid.com
specials-images.forbesimg.com
static-3.bitchute.com
static01.nyt.com
stats.g.doubleclick.net
tapnewswire.com
translate.google.com
translate.googleapis.com
trends.revcontent.com
www.bitchute.com
www.gannett-cdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.kcnonline.com
www.mackinac.org
www.milwaukeeindependent.com
www.naturalnews.com
www.nowtheendbegins.com
www.ournewearthnews.com
www.panthersgab.com
www.rumormillnews.com
www.shtfplan.com
www.youtube.com
x.bidswitch.net
zh-prod-1cc738ca-7d3b-4a72-b792-20bd8d8fa069.storage.googleapis.com
104.154.142.214
104.16.199.73
104.19.136.78
104.19.216.61
104.28.13.9
143.204.55.6
146.20.201.92
151.101.113.164
151.101.114.62
151.101.14.49
151.139.128.11
151.139.242.29
162.241.30.109
184.24.15.122
185.184.8.30
192.0.72.23
192.0.77.48
192.124.249.6
192.232.253.205
193.232.148.154
198.148.27.139
207.55.249.212
216.58.212.130
23.8.15.54
2401:c900:1101:143:9::e
2600:9000:206f:8400:c:abe:f440:93a1
2600:9000:2104:6800:1c:8a07:5e80:93a1
2600:9000:2104:ea00:c:a9b7:ddc0:93a1
2606:4700:10::ac43:e6e
2606:4700:20::ac43:44a1
2606:4700:3032::681b:80dd
2606:4700:3034::681f:5aaa
2606:4700::6810:8646
2606:4700::6812:e134
2a00:1450:4001:800::200a
2a00:1450:4001:801::200e
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:816::2003
2a00:1450:4001:817::2003
2a00:1450:4001:819::2010
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::200a
2a00:1450:4001:81b::2016
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:820::200a
2a00:1450:400c:c09::9a
2a02:26f0:6c00:2a3::2e0b
3.121.118.243
35.157.13.31
45.79.195.246
52.17.171.52
52.210.180.12
52.217.71.92
64.202.184.137
89.187.188.228
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
08237db442ae87fdfe2205756065c3bfa73b3e2cf505b862624ade23944f331e
08e24203faefd371ec6a5cc290fa676a3ac558f20b4b45f0e21196ea3a8b5162
096d1b86ee573ec926853ddd24e0a7a68f500a274ed19ca196b85dd12ef6c53e
0a34bf0807c29e6b3bd28cf6ac08f9908af967a87a7ee82916f55861513bbc97
0de58861ada2eb07be95cb56797e1ca3054455c8b3b6bd710ae26c54814180f5
0df622b26e7c42e5404cfeb23c4563181e299d7c7322d98e3b9a32b4deab156d
0f7ffb0394b87cc73b204d2f10221b50d35559604ba7257b5617cbdbdba92e9d
0fcc185ecfb2dc1fbc55679e535adad1f14f85237cb5554191cce2b03aabcf33
1022019395c8ba5831ef367bec12d9c0c837362a95b32cab0e2db67dc3c9a5ce
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
138bad2908491d2d35ba09271ce1b07c30b17fe8f8a9a35370a671643867186f
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
1423ae3999df23d3cc81aa3d4d20395d967d98d16b2271d871d5cd2f64c9f4a3
16b25fc5a7b2421e02dac1082c2e856449ad2f624f0d660ef3ca871b8c8c75c3
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1e74e59de4b2f53f817fac05e07904a52765cfd6b75775594a620110bc14fd19
212fdc71c195e49189685ca3fa070d8d07586dcbbf088e70bac489bd61437a14
24f9f738d7dfc72a5d156f1d0f255ff3cfeba564708dc8cfbc0c20e929cc5c63
2b1698c096260e4b442f1b8429b221cc45f7ec96d1ed34aebf931dcaa0189cb2
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2d5f77b7d5711d6232b501de3a3320dd6bd6fe56d2f1f29e47205cabde34a28d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
335239228494644fe91797bc46dff9d011e01ee520178a012170249df72e5205
3708fe096b7ce52840860be4aad06b783d0fb5acb7f4ea6193d489f20dbb4faf
38bca17115bb377291b72eb72753639aa1d1a128c0863830ba9e743ae9942738
3e2d3552676fba639ef5f82682a026bf6ac5f3b86a50b9835194966a4fda180c
3e4889710c23da4845566b6bcf7e01709c95b8a6db7cc3a268803c906370ae48
3febfe1a39cfb389978f39a42c9ccdbe32aa5013a929adc4ddf9576776ff1306
41efe3a4122c5af45e9516f3c72f8f062d6e40adc6da1d1f49e6e3b9c9ad048d
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
42461d697c9d50fb78121ba69020a18f7227c9144f0d9704fe749f71bb5ffa93
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
4616a8d77d8f89cdb2121446cf3d3fbdd8e49778060c557412e9783b4ef2dd45
467080e4fbf06782920301480f0bb2b328d2e2905525dea409d3dec25136f72e
469760e06380a0be9778f84e4c8e70f93856d71c43a4033cc4c45421ce0dd2c1
47f5b2ba7dc4b1d498cf2f83bb1df236323a984a0d58e7a38e19951e39bd176f
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
48e998cac3d6c5f9758210557ed919f8970ff5137c0f57552d995789021f39a8
491b6ac6ccb8f823d6a040f925cc11f2353bf2cad6f0e361b7f6bbc0c9d793ce
4b7a80b126587ef6fb9ef1f99263f8a3af84a1562866d2ea40b56364eb0c010b
58bc9f645c3d4dafc17d2d224e8909f124bab8d45d5f2cac340985c5fe5995f2
5b3bfe799da558857b11d4b32be4aa2ab97c5c7023630d4223846c825a551c53
5b93f9e2b17328253ab18b78662f595fe0de7f661d0450644c412bc3eb06e98e
5c4c8e3280f3313515d1730ab74a3e0401aeebf7ea43d195aef1105a848949c5
5d976cb0aee5149bdc5a7d0456be278a1449ed15f419470af3f87f745b2b996e
5ec9a1a01e80f3ba551290926ba2e221cdb730d445c9d4b25bc91a6df7f4482d
5f72490d9c524bfb7fffcbe14dbcd750e4b60db2866e5696e73a53da206b158d
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
60e5253dd385469f2a17ada4ff9ff725f03d15212b849c9df78c90ab542866e1
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
616f3c5387758aff936d47c41a8ef8cc07b400b64b3d3e5d07634b2e31de4773
6480a6c748486ede027085a871d2f2962474e6d1232a4599faec693bfb4cd232
655fdf32eb82abb2fcc311dd4ee6e946ff1882cfd3c1eb153aa4ab4e88926fd2
65e3a9489eabe6de3256469cd23bf257108df15ae28af14c8dd1c994e6716f36
66ef6c4b1bc8dbad923344d348e4b65e087cf76c47267764cc74d1a6bb509a78
69e3b1b2b041b70f196bf9082e9c232df86261311aae2dde463684fe07d650f0
6a3c5fdbf34000529f48e46274bce5939ec0de24acf7f7e3b595d726de1ead61
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
6df1457515a690c33717b2eca10548b3fbe947e30b05365471a2d04ba64273af
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
7267f423d41d0afb9b46cf0586dda937fd7610a1f569377abaee417fefd60858
74ca8a659f59f936869eae58d11b6355e2273618e5e171f281d727f92f9b12d5
74dc1ce69ebdb1f0d1bd7b497a99310356873e99f87bb4a98db1db55a6a61e58
787af9181d9d63fcd0bdac687262b12aa5844b194daceabd7ca1295efcd4cd0e
788a08bf62ef367edb51976a66fd9c5abc5ad55f4fa1ac66d3abde2ac76da67e
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
79ea20c2453d614642047c888d9a9abe70f74839a3ab9f6f3450441f0d6d9042
7e267533f2d0b0e4f46001f0551a48b9005db632b0490032bc592e650c34a981
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7f8fa3a16566232c988d73bb7e7bd0f5c61cc2f760383032e7d0142a78fd2ef2
8263dbe19b471f03feb7daf4b79657bab505b1f25fc6d78cd86d5aad4999ad6b
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
83980d2c6be63121ae377e3315c6bdc744309de315d43983dbadf8bd611b4a28
83a99ed58a29792e1c6c3cab2aa8ce647536b8e1dddbf5cf1582df40f57ebbe4
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f56d0012a257578576ebecc8d42f71f271f242d64db9afd7b18748781757b9
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b033f3be60006619caf7f5854f709f68d150262a14f869e06733fa4613629d9
8ceae33eb2d3af55d1541ba59d9150dd15a61b1a02a1bdeec8cd578743f362ae
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
911a95b5ebc85069d70b49165bbb081f87277d48f598648e9f3f57a576ce0d59
92164654a622861423152edced13a313916d283b51b6202d98d6876011d3e074
9235af5c4e1d0192a2edb6d4b435cf36707a30bb82dacfb2a66765b22c1781fd
951829f961ddc3f982de69c0520536e6c18b00992a95003ea88a26562c83730f
996324fa5bfb0e9f961e8531164dcd2e8ea002fbfb32ce02603061f47c7a5e83
9a93ff3c9057863ee52c00f8bf074e05c31d759a8cdbddd0a69c6be14a86d70a
9ab8d3ab886ebd79b8127eb85c077b40f7c5e92fb28da6526aa421188910c793
9bca5a1c00da3158573510cfc9aca7c951bf8ccef62e383ca6917a9f7853976c
9d65dad52a677f45b220aec197cbc2b49dbab9a95433e625704ad61fa0f0554b
a4074d9505e6dfff7df3726f6e77da5afb0db6a63b3dc719274c5cc588aa84a9
a5112e47448f7c9c14a54d16acae79a8b99ac88cea5e51985a0bd512b3324507
a75ee5535dd79135795d336091e946e331253ab73c9fbd085f390d11824cc5c3
a94790e5289bf41673d08612a2af78a991ad150fe585b5c0e13c693c5b2adbab
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
a9b1dac4640ae24465170fdc8a89216f09922c0ec41e9dc668c4d7d5d0650359
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ab055242828fcfab401fbc04b30e2ee44f478bddacdcdc58c9acd59ce4b92c84
ab67b15b447ad18a142cb1cb479290fbbb78119d70dc005440b13a3dbb25e4b5
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad402a0740472d677fd4543113c841486202303a0dfa8c96e8a62d7a1221c805
afced6b05900eb2374424c93601ecfb08dac8f43a15c3bde20cf40bf013bf4c7
b2b31a2db0bb6f2be828351d336aac64c0355083ed21b7ae3ca7b5f73985e8c6
b4e0a7352d463b8c9c1de13220cf23b612c82733c3d975a068ce8707f62f0625
b503e31cfe63d848eddeb8731014874cf44742b4be3eb4d8501acfab8049bd33
b5a14898539e36b752fd2c7df1259a868b5e81028cee2d23b184424b4af20a8e
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bc5589ca1c5c603efd892f6295a0f2f8343b6230f07bc8800c5777ba263a89f4
be32c31eebb3cd49807bc71cecc36e6960d5fd7b94c98e3ed56c83600f1226eb
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
c2d7fe51ada6912687d8a8a7d039a888a0a33d53a5ce9af48f80c2719a58edd7
c3eccd5db0acacdb05957eb4bf8bd9ea8ec9a7fb8b8534678303c79825430537
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
c926e155ad63f5cee160716261893bff8839e7610f2dd2e609fa61d76c427d33
ca6c4dae8dc680a4595921bae7b66ab8bede58bee181a639464d14d1e780ddf5
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb3c8e6d8177ed58739c0338a0de6acb391d0f0a857f0a351a99482061137455
cc8e08468064fa06b5ad063470793938f4d9de97a862b9bde04b86e8e86bb02c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
d4555bf93d7832584ef57d0312537869babc63acbf43569a525011595463ca40
d797dd8d3d72684bb938c26a1d3892b4f09f2e604c3f3a34db9e791c8bb43b04
d8fe04aeb976e2cd7d6e42a593115ac34b8bcbbc0b46bb8f6e1398f836eb7502
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
dd01a48a1ca01f9145e5604786844c2588d2b682b788c7a80f69d44f4a05d5be
dd4a138bb79cf44c56623e45510dd0069ad16eadc93d308c976a4d926dcd9799
dd626e58fb9f946dff6617370e24928df1444bcea2a9dedf93e80ef296ce598c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e14fd22d8f1cba0a33f36f95f543b9f411d607d76d889095ffdfc873d4081669
e1d90a442eab4724bb5cbb1b17d9bbad896d1b1a54c5b9005eef56be71ed0845
e2220d5f028c1b13784d4623b64bfe98a50da0315b601332d7057ed6ccf30047
e22bd92d2280ca7c46b51de3d792fe96d68688dfcde47a4b78b7712ef7010138
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e52b749ef82c355040d7b29d269533b9d5f2c919d180a6a919ae2e3431e24c98
ea5b0ba52a4aa797125b0d377004b96cb44bed1cbc19dd33c2afd271773482b4
ed0549c6c4d11bd4fa70f8bfc652dda717a3c172d5feb72b25c96d1e350832e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09084c3892e42c412c8e98dbf390cb02d544d293744e8698940439031598255
f21f8537b9b087805efd4334b8f0904aa547ba84c2c6a647d002fef16f42aa26
f46e2426950a346eef506810b92a3ecef65578d5f5225e862af6cb442ad66cb3
f65d755195cfb95f5c3e38a33d5ccd935236ff2869a720cdbcb8ac667c073e7e
f874e49abe428aded3ba65afd474956e72fed4fe833781b904c97f41dd71b2ce
f99f4e32624c915bc7fa18dc454de580b2035f9c9ebcd6ea3a1c9dddecaca5e8
fb3510b827835b851396cd05695713efff68826162ca27a73298fb29ee46a1f0
fc841eec8688e637094b23692a9145bc077c33bc2200aede39663f23129be2e7
fda64b6ff81afab2632a1322c0bde8b6213f1b05a96e0638fe899e62bbdba11c
ff943bf582a2b6018789b174549a271cec3f8e9eca1a0375452bc9f32d38e140

beforeitsnews.com Open in urlscan Pro 2606:4700:10::ac43:e6e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

98 %HTTPS

48 %IPv6

49 Domains

67 Subdomains

56 IPs

10 Countries

8873 kBTransfer

10191 kBSize

7 Cookies

36 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

98 %
HTTPS

48 %
IPv6

49
Domains

67
Subdomains

56
IPs

10
Countries

8873 kB
Transfer

10191 kB
Size

7
Cookies

186 HTTP transactions
2 data transactions