beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On February 20 via api (February 20th 2021, 12:02:56 am UTC) from US

Summary HTTP 208 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 58 IPs in 8 countries across 42 domains to perform 208 HTTP transactions. The main IP is 2606:4700:10::6816:4a8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 49	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	169.55.146.12 169.55.146.12	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
17	185.59.220.196 185.59.220.196	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3031::ac43:a025	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.64.15 104.18.64.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	89.40.36.137 89.40.36.137	50939 (SPACE-AS) (SPACE-AS)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	35.241.35.213 35.241.35.213	15169 (GOOGLE) (GOOGLE)
1	134.209.168.228 134.209.168.228	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	192.0.72.22 192.0.72.22	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:2182:0:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	13.226.159.65 13.226.159.65	16509 (AMAZON-02) (AMAZON-02)
2	93.184.221.168 93.184.221.168	15133 (EDGECAST) (EDGECAST)
7	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
22	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	13.226.159.59 13.226.159.59	16509 (AMAZON-02) (AMAZON-02)
4	64.62.227.5 64.62.227.5	6939 (HURRICANE) (HURRICANE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:4800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:5c00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1	3.124.48.224 3.124.48.224	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	35.156.245.144 35.156.245.144	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.106.231 35.156.106.231	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.148.148 193.232.148.148	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	52.50.156.162 52.50.156.162	16509 (AMAZON-02) (AMAZON-02)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
6	2600:9000:218... 2600:9000:2182:de00:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
208	58

49 2606:4700:10::6816:4a8a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 169.55.146.12 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c.92.37a9.ip4.static.sl-reverse.com

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.59.220.196 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-196.datapacket.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:a025 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.64.15 (United States)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.40.36.137 (Romania)

ASN50939 (SPACE-AS, RO)
PTR: amg-news.com

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.213 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 213.35.241.35.bc.googleusercontent.com

media.breitbart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.168.228 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: drcharlieward2.com

drcharlieward.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.22 (United States)

ASN2635 (AUTOMATTIC, US)

justusaknight.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4528 (United States)

ASN13335 (CLOUDFLARENET, US)

sonsoflibertymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:0:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-65.dus51.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.221.168 (London, United Kingdom)

ASN15133 (EDGECAST, US)

i.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.226.159.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-59.dus51.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.62.227.5 (San Jose, United States)

ASN6939 (HURRICANE, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:4800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:5c00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.48.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.245.144 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.106.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.148 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.156.162 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2182:de00:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	beforeitsnews.com 1 redirects beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com	1 MB
22	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	326 KB
17	tradingview.com s3.tradingview.com s.tradingview.com s3-symbol-logo.tradingview.com	334 KB
17	bitchute.com static-3.bitchute.com	638 KB
14	youtube.com img.youtube.com www.youtube.com	781 KB
10	googleapis.com fonts.googleapis.com www.googleapis.com imasdk.googleapis.com translate.googleapis.com	401 KB
9	rmbl.ws i.rmbl.ws sp.rmbl.ws	9 MB
8	gstatic.com fonts.gstatic.com www.gstatic.com	69 KB
7	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	36 KB
6	rumble.com rumble.com	62 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	google-analytics.com www.google-analytics.com	75 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	google.com translate.google.com www.google.com	8 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adhigh.net 2 redirects px.adhigh.net	934 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	729 B
2	lockerdome.com lockerdome.com	3 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	amg-news.com amg-news.com	1 MB
2	jamesredpillsamerica.com jamesredpillsamerica.com	2 MB
2	rddywd.com rddywd.com	1 KB
2	googlesyndication.com pagead2.googlesyndication.com	60 KB
2	ytimg.com i.ytimg.com	42 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	lentainform.com cm.lentainform.com	623 B
1	idealmedia.io cm.idealmedia.io	556 B
1	google.de www.google.de	107 B
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	2mdn.net s0.2mdn.net	11 KB
1	sonsoflibertymedia.com sonsoflibertymedia.com	927 KB
1	blogspot.com 1.bp.blogspot.com	140 KB
1	wordpress.com justusaknight.files.wordpress.com	541 KB
1	drcharlieward.com drcharlieward.com	46 KB
1	breitbart.com media.breitbart.com	54 KB
1	imgflip.com i.imgflip.com	48 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
208	42

	Domain	Requested by
25	img.beforeitsnews.com	beforeitsnews.com
24	beforeitsnews.com	1 redirects beforeitsnews.com ajax.cloudflare.com
17	static-3.bitchute.com	beforeitsnews.com
10	s-img.mgid.com
10	s.tradingview.com	s3.tradingview.com s.tradingview.com
9	www.youtube.com	www.youtube.com
7	sp.rmbl.ws	rumble.com
6	s3-symbol-logo.tradingview.com	s.tradingview.com
6	cm.mgid.com	jsc.mgid.com
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc beforeitsnews.com
6	rumble.com	beforeitsnews.com rumble.com
5	x.bidswitch.net	5 redirects
5	www.google-analytics.com	rumble.com www.googletagmanager.com www.google-analytics.com
5	img.youtube.com	beforeitsnews.com
5	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com www.youtube.com
4	ajax.beforeitsnews.com	beforeitsnews.com
3	www.google.com	www.youtube.com
3	www.gstatic.com	translate.googleapis.com www.youtube.com
3	stats.g.doubleclick.net	www.google-analytics.com lockerdome.com
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	2 redirects
2	px.adhigh.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	servicer.mgid.com	jsc.mgid.com
2	cdn.mgid.com	jsc.mgid.com
2	jsc.mgid.com	beforeitsnews.com
2	imasdk.googleapis.com	rumble.com imasdk.googleapis.com
2	i.rmbl.ws	rumble.com
2	www.googletagmanager.com	ajax.cloudflare.com s.tradingview.com
2	amg-news.com	beforeitsnews.com
2	jamesredpillsamerica.com	beforeitsnews.com
2	rddywd.com	beforeitsnews.com
2	pagead2.googlesyndication.com	beforeitsnews.com srcdoc
2	i.ytimg.com	beforeitsnews.com www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	googleads.g.doubleclick.net	www.youtube.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.lentainform.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.idealmedia.io
1	secure-assets.rubiconproject.com	1 redirects
1	l.sharethis.com	platform-api.sharethis.com
1	www.google.de
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	translate.google.com	beforeitsnews.com
1	s0.2mdn.net	imasdk.googleapis.com
1	s3.tradingview.com	ajax.cloudflare.com
1	platform-api.sharethis.com	ajax.cloudflare.com
1	sonsoflibertymedia.com	beforeitsnews.com
1	1.bp.blogspot.com	beforeitsnews.com
1	justusaknight.files.wordpress.com	beforeitsnews.com
1	drcharlieward.com	beforeitsnews.com
1	media.breitbart.com	beforeitsnews.com
1	i.imgflip.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	ajax.cloudflare.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
208	65

This site contains links to these domains. Also see Links.

Domain
www.herbanomic.com
mitocopper.com
25d25y4dmmx7h8eiri68xb0o9k.hop.clickbank.net
69b3d4-ogey4faauklimid7y6d.hop.clickbank.net
db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net
widgets.mgid.com
herbeauty.co
telegram.org
tinyurl.com
www.fincabayano.net
polaraidhealth.com
www.braintuner.com
t.me
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
www.5starshine.com
1f441szgnc6zk9ecuo7vmiv-70.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.rumble.com DigiCert SHA2 Secure Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
static-3.bitchute.com R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
amg-news.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
*.breitbart.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-23` - `2022-06-27`	2 years	crt.sh
drcharlieward.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-21` - `2022-01-21`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.tradingview.com Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
s3.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-09-30` - `2021-10-31`	a year	crt.sh
sp.rmbl.ws R3	`2021-01-20` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
beforeitsnews.com R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh

This page contains 16 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 77A7603D7CF29B21D6058ACFB2F4B6E5
Requests: 135 HTTP requests in this frame

Frame: https://rumble.com/embed/vbdroz/?pub=hw409
Frame ID: 92A1EA9EAC00D13C7545BB2BF3FFEA72
Requests: 12 HTTP requests in this frame

Frame: https://rumble.com/embed/vbdb4t/?pub=hw409
Frame ID: F2BC5EC887CB0A7A2BB8EEC7D6918D8A
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Frame ID: 5BB6525DE90E3E5BAEB4339AA02350A2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B1070BEAAAF5FB00C5A6C16CEBD7B9DE
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211200
Frame ID: F6950F957C283D1DA78D93C0869371E7
Requests: 2 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211200
Frame ID: 21A3F073862951CF7F1F7A825AA152D3
Requests: 5 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 4AFADF0AC5E5C410C4986B33700129FB
Requests: 18 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 510B5A95DA229C3D4F54843DBB425921
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: D206BAC7F2A4BCF0D3AB5DE45E34355B
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 0BEA93878D45B38C127804EF1ECEB1AE
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: AA2C5C1FC59ABC5D8BCA953E94740F1A
Requests: 2 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: EA2112541C06BFFCC5EEBA3C3188252C
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1613779359546161813333
Frame ID: 5272E2C003C2ECCC68C2315F287D0724
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 6EB3DAE7D7542039633A8F58E35E6A28
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/sxLxYxKmIsA
Frame ID: 8B5CF9A83CEDBD812992AA3DF8DB3DA1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

208
Requests

99 %
HTTPS

57 %
IPv6

42
Domains

65
Subdomains

58
IPs

8
Countries

17583 kB
Transfer

22508 kB
Size

3
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomic.com/productdirectory
Title: Shopping

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/herbanomic-fulvic-humic-complex/
Title: Deep Sleep - Energy - Vitality -- This Trace Mineral Complex Will Change How You Feel

Search URL Search Domain Scan URL

URL: https://25d25y4dmmx7h8eiri68xb0o9k.hop.clickbank.net/?tid=BINRTL1_1521
Title: Click Here If You’re Ready to Give Up the Burden of Your Belly Fat, and Bring Excitement, Comfort and Satisfaction Back into Your Life…

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-oxygen-delivery-system/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-water/

Search URL Search Domain Scan URL

URL: https://69b3d4-ogey4faauklimid7y6d.hop.clickbank.net/?tid=WATERFS_BIN_EMAIL
Title: ALERT - Try This New Tech and You'll Never Run Out of Clean Drinking Water Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net/?tid=BINRTL1
Title: Finally Revealed! Scientist Gives The Real Cause Of Weight Gain! See Video

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net/?tid=BINPTL
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/lifestyle/robert-irwin-recreates-legendary-photos-of-his-father/

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: BEFORE IT'S NEWS ON TELEGRAM * GET THE TELEGRAM APP - https://telegram.org

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/
Title:

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/
Title:

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://herbeauty.co/fashion/12-best-and-worst-fashion-trends-of-all-time/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/beauty/11-ways-to-burn-fat-while-you-sleep/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/foodtravel/10-worst-foods-for-anxiety-and-depression/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/lifestyle/what-s-your-perfect-bouquet-based-on-your-zodias-sign/

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Tiny Self Defense Tool Drops a 270 Thug In 2 Seconds - Get Yours Now!

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/certified-organic-biotin/
Title: What Vitamin Gives You Beautiful Hair, Strong Nails, Amazing Skin and Helps Lose Weight? (VIDEO)

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: How To Easily Manifest Anything You Wish Using Quantum Physics

Search URL Search Domain Scan URL

URL: http://www.5starshine.com/
Title: Car Waxes are a SCAM. Amazing Product Repels Dirt for Years With Patented Teflon Protection!

Search URL Search Domain Scan URL

URL: https://1f441szgnc6zk9ecuo7vmiv-70.hop.clickbank.net/?tid=BINRTL1121220
Title: Discover All the Edible and Medicinal Plants in North America in Case of an Emergency

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 169

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 170

https://x.bidswitch.net/sync?dsp_id=303&user_id=l1jDBmQFYd2g HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l1jDBmQFYd2g HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent=&apid=UPf288cc99-730e-11eb-9eb6-0622eb2986d2 HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent=&apid=UPf288cc99-730e-11eb-9eb6-0622eb2986d2&verify=true

Request Chain 171

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=u7NRa2A7nbjc.AikABlF3vL6neg&expires=30&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=31ae7791-6405-4250-912a-a82c50d2486b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 173

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=Ng6KxzKdhWBGO4USTe6t&pi=mgid&tc=1

Request Chain 174

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=d48c87d2-50ab-47e8-b5a8-9fefce6aff76&ttl=1616371359

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFqREJtUUZZZDJn&muidn=l1jDBmQFYd2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFqREJtUUZZZDJn&muidn=l1jDBmQFYd2g&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=l1jDBmQFYd2g&google_ula={guid},5&google_gid=CAESEEH_YKYrYASXMLEMgMyFjPE&google_cver=1

208 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

121 KB
24 KB

556ms
538ms

Document
text/html

2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f14d4508ddbfe25b151fddba29a909d1360f3a94d58473d7e8c2f42fd33fa21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d98f762e447e5bd5ce24ef779ed475a021613779357; expires=Mon, 22-Mar-21 00:02:37 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s3; path=/ __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ47wG8rJByCTH; SameSite=Lax; path=/; expires=Sat, 20-Feb-21 02:20:37 GMT; HttpOnly
cf-ray: 6243f5b9296b4a8c-FRA
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
cf-request-id: 085e57e7b700004a8cf41e3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sat, 20 Feb 2021 00:02:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 20 Feb 2021 01:02:37 GMT
Location: https://beforeitsnews.com/
cf-request-id: 085e57e7930000d6e5563da000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6243f5b8ed2ad6e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 16ms
14ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 315710
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3294CE57C1BECB73
x-amz-id-2: IlYGlurCQhsr8ULw52Ie9eVGsIk4yQtsu/qQkjz4JTbo6nkcmSmbMTgByvawinkd1yJpr4QNKYs=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"165501590067c5189e81c831f77f81ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tjjN.jFT95DY_pkhk6.cTP9tpZK602Ny
cf-request-id: 085e57e9da00004a8cf41fe000000001
cf-ray: 6243f5bc8cf74a8c-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
712 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 23:55:32 GMT
server: ESF
date: Sat, 20 Feb 2021 00:02:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Feb 2021 00:02:38 GMT

GET
H2 200 global-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 15 KB
3 KB 24ms
22ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29806
cf-polished: origSize=15665
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57e9d900004a8ceb342000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-3d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6243f5bc8cf14a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:51 GMT

GET
H2 200 fancybox-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 18ms
17ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29806
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57e9d900004a8cc8044000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6243f5bc8cf44a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:51 GMT

GET
H2 200 home-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 28 KB
6 KB 23ms
22ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29806
cf-polished: origSize=29022
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57e9da00004a8c2ca73000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-715e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6243f5bc8cf54a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 responsive-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 20 KB
3 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

310eaeee814d79e97a48c1859c4d0187ffc24b92fec8f2b7a190b56448f776d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29806
cf-polished: origSize=20488
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57e9da00004a8cd1265000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-5008"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6243f5bc8cf64a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 34ms
23ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 174939
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
cf-request-id: 085e57e9fa00004a8cf6a56000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 23:26:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bcbd264a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 44ms
33ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 181626
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
cf-request-id: 085e57e9fa00004a8c0b858000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 21:35:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bccd2c4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
698 B 33ms
22ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 594399
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
cf-request-id: 085e57e9fc00004a8ccdade000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 13 Feb 2022 02:55:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bccd364a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/CcpuDaoAqq4/ 18 KB
19 KB 38ms
15ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/CcpuDaoAqq4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

470955ca36f06efb5514e47f9cc7bfc0d912bb7082523101fb6c4c6aac4e5e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1606397672"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18845
x-xss-protection: 0
expires: Sat, 20 Feb 2021 02:02:38 GMT

GET
H2 200 scientist_reveals_real.jpg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 34ms
24ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 177680
cf-polished: origFmt=jpeg, origSize=55516
content-disposition: inline; filename="scientist_reveals_real.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46020
cf-request-id: 085e57e9fd00004a8ca0894000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-d8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:41:18 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bccd344a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 emigrate2.jpeg
img.beforeitsnews.com/img/banner2020/ 55 KB
55 KB 37ms
27ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/emigrate2.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3458341
cf-polished: origSize=56198, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55905
cf-request-id: 085e57e9fa00004a8cb293d000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-db86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bccd2f4a8c-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 polaraidhealth.jpeg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 41ms
31ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/polaraidhealth.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3458341
cf-polished: origSize=46655, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46365
cf-request-id: 085e57e9fc00004a8ca3a86000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-b63f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bccd324a8c-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 BCX_Rife350x290.jpg
img.beforeitsnews.com/img/banner2020/ 36 KB
36 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/BCX_Rife350x290.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 315822
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36512
cf-request-id: 085e57ea1000004a8cb293f000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 08:18:56 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bced584a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 30ms
10ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 085e57ea020000c2a424073000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5M2LX5iIDPk9O9j98zc0YPPwfsOCkqLwhrcBGZnJd8pCSl6kLgbODTI8E6axBa8i2cfE6Qw4eAkUf9v17F1r8i6l0GdkabeoGMJpYNEYOvrsdDlJo3wZCxlzqL6Z28Nt"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6243f5bcd981c2a4-FRA
expires: Mon, 22 Feb 2021 00:02:38 GMT

GET
H2 200 Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 13ms
13ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 4100345
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BS7S1H3H1K4GBQ7P
x-amz-id-2: QjApP71jKYVGRAdkz9Q9P6OqBxHUujj3Ssfx891KJE0sEVGRFVTs3J5cx2ZDaBvfdzUqDnivfaM=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"93a3e7d84b15a0c8a8a9e4e6c8779aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3R09nKFA1fkBWMCXCpPvkqre3wT0snqV
cf-request-id: 085e57e9ee00004a8c298e3000000001
cf-ray: 6243f5bcbd1c4a8c-FRA

GET
H2 200 / Show response
rumble.com/embed/vbdroz/ Frame 92A1 15 KB
6 KB 372ms
123ms Document
text/html 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vbdroz/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf18c7a4f21df2eba5bae0a708b8007e4cd2775afbe80388a904f573735e8ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

:method: GET
:authority: rumble.com
:scheme: https
:path: /embed/vbdroz/?pub=hw409
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

server: nginx
date: Sat, 20 Feb 2021 00:02:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/vdzxv3-senate-majority-blurts-out-truth-in-his-confusion-capitol-takeover-was-stag.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
H2 200 / Show response
rumble.com/embed/vbdb4t/ Frame F2BC 15 KB
6 KB 461ms
214ms Document
text/html 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vbdb4t/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

742d6179dde47a9a8361a204a46ae6164360817a57506ec876463d5e62f3c4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

:method: GET
:authority: rumble.com
:scheme: https
:path: /embed/vbdb4t/?pub=hw409
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

server: nginx
date: Sat, 20 Feb 2021 00:02:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/vdzhax-do-you-have-any-idea-what-is-in-these-anti-second-amendment-bills-being-int.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

609c63905a53fb868987279daf5a76db62719062bc497e07db3b6866ec531e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48581
x-xss-protection: 0
server: cafe
etag: 14722425902091878225
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Feb 2021 00:02:38 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
631 B 39ms
10ms Script
application/javascript 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 64326
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2QK6z7Pd0qSOeSf2L00EVHH6eTLGVu2aPHp7dwidT44HeADNn3q6z1XoEePhA5H1To0DCsLltQUrqFwcy%2FsOj3h9aDOT14QhPWBYU479vNIiPl1ZU%2FdS"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6243f5bcf93c05dc-FRA
content-length: 9
cf-request-id: 085e57ea1a000005dc8f2d9000000001

GET
H2 200 adcode.png
rddywd.com/ 43 B
685 B 31ms
15ms Image
image/gif 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 57087
content-length: 43
cf-request-id: 085e57ea1d00004abd6e949000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=onn7iWTxdjPdgHNqMQwBGH%2BbDHXU%2FTx6WLLuyrDJS2cFRX5R4xt5QmaQ60A2d87wcpRkGDwKBp19%2FHsgPSkCesucm%2B3qbYq3KT08tIN3hP%2BciBviiT8p"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6243f5bcfeb04abd-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
182 B 25ms
5ms Image
text/plain 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
307 B 23ms
23ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 176846
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
cf-request-id: 085e57e9ff00004a8c2720e000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:55:12 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6243f5bccd3c4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
894 B 31ms
31ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 176802
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
cf-request-id: 085e57ea0600004a8c08bd7000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:55:56 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6243f5bcdd464a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 17ms
17ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1421854
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
cf-request-id: 085e57ea0900004a8c2ca77000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6243f5bcdd4d4a8c-FRA
expires: Thu, 03 Feb 2022 13:05:04 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1421839
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
cf-request-id: 085e57ea0a00004a8cb0022000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6243f5bcdd514a8c-FRA
expires: Thu, 03 Feb 2022 13:05:19 GMT

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
2 KB 17ms
16ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 176960
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
cf-request-id: 085e57ea0a00004a8cc8047000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:53:18 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6243f5bcdd534a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/ 13 KB
13 KB 7ms
6ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 02:55:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:06 GMT
server: sffe
age: 594439
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13064
x-xss-protection: 0
expires: Sun, 13 Feb 2022 02:55:19 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 15:40:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:15:51 GMT
server: sffe
age: 202956
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9028
x-xss-protection: 0
expires: Thu, 17 Feb 2022 15:40:02 GMT

GET
H2 200 PjDKM4N15UZ7D1lEtC9FTJoX_640x360.jpg
static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/ 15 KB
16 KB 144ms
78ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/PjDKM4N15UZ7D1lEtC9FTJoX_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

d7fee305e00cdf2564b19f2ce784e9b7ea43e2f0d31b974f2a3573b1b72ffca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-01-18 17:36:04
cdn-pullzone: 89010
content-length: 15518
x-amz-request-id: tx000000000000017191a9a-006005b8f4-43ba6e0-nyc3a
last-modified: Mon, 18 Jan 2021 15:48:22 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: c7702981d7ac45b752dba4acbd57a5e8
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/p-h37t1vU_s/ 10 KB
10 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/p-h37t1vU_s/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

121cb1fb120cf0c70971e0f5640cb14c17312a8ab0a107ad2630c2a8215c1037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:15:18 GMT
x-content-type-options: nosniff
server: sffe
age: 2840
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10320
x-xss-protection: 0
expires: Sat, 20 Feb 2021 01:15:18 GMT

GET
H2 200 NO-VIRUS.jpg
jamesredpillsamerica.com/images/ 575 KB
576 KB 48ms
23ms Image
image/jpeg 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/NO-VIRUS.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8be02f206a5e7fe2a034fbc8e3171abee2cd63f876f7230373155c95ef6ae1e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8026
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 588650
cf-request-id: 085e57ea7e0000dfcf7f2e2000000001
last-modified: Sat, 16 Jan 2021 18:49:52 GMT
server: cloudflare
etag: "60033550-8fb6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NNXFBHRBok7%2BRL2QdWs4BPhaJNvR1kCMYfzNPqexLERgDcS%2BQtdJV06nlvDwNY7jvCBYztpfk%2Fp87nCavHXkSt1luFSpmhiz8k8U1nGzSwOA7LurZeoUzVQVNBLR5txm9wU9dd8%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bd9915dfcf-FRA
expires: Sat, 19 Feb 2022 21:48:51 GMT

GET
H2 200 4ynm9c.jpg
i.imgflip.com/ 47 KB
48 KB 76ms
34ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4ynm9c.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a21673f00fccd26d92e98e537e3456db760e6e38822723a32fc2be8d59e1c14b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cf-cache-status: HIT
age: 37292
cf-polished: origSize=49108
cf-ray: 6243f5bdbfdc1ed2-AMS
content-length: 48437
x-amz-id-2: PJ1Rp/fqxbRfjUPLAYV+goExJS7aLgkHjtu6aIkq/oKzYFjtI2gI04CBAPn4ZBWuGpMmhAe/T7A=
last-modified: Fri, 19 Feb 2021 13:36:17 GMT
server: cloudflare
etag: "87e315d6f197dd2e82078023656da4fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: FB03D2D5F60A4C2E
access-control-allow-origin: *
expires: Tue, 18 Feb 2031 00:02:38 GMT
cache-control: public, max-age=315360000
cf-request-id: 085e57ea9600001ed2d4919000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 gVGo280cxvX2r4axcTOSQHQe_640x360.jpg
static-3.bitchute.com/live/cover_images/BFwpmlvkLsJY/ 23 KB
23 KB 128ms
62ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/BFwpmlvkLsJY/gVGo280cxvX2r4axcTOSQHQe_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

ff90a7645bd6b34292930e3c5e85313feabe1b2a40783b58d09fa238fd05d702

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000000ce170dc-00601fb39b-46b98f5-nyc3a
cdn-cachedat: 2021-02-07 10:32:11
cdn-pullzone: 89010
content-length: 23399
last-modified: Sun, 07 Feb 2021 09:18:24 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 69628a785303da3f2cdbe328888b7f93
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 iP982uxquR3u_640x360.jpg
static-3.bitchute.com/live/cover_images/AMhoJpc4Zf2T/ 25 KB
25 KB 143ms
78ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/AMhoJpc4Zf2T/iP982uxquR3u_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

bb7e9dcf46c3e28648a9eefe825726629633a1ca87f1a040c310dc3a28ea6cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx000000000000029b2d392-00602e8989-43b55da-nyc3a
cdn-cachedat: 2021-02-18 16:36:41
cdn-pullzone: 89010
content-length: 25331
last-modified: Thu, 18 Feb 2021 01:30:20 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: ae7c426789c43f7ef18a95541f50e8ae
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 Virus.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 69 KB
70 KB 20ms
18ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/Virus.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

546f51b3ea22ede0d5ed26f7686f15bdbd300c066497554511de916b813437ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1136867
cf-polished: origSize=83836, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70993
cf-request-id: 085e57ea6900004a8ca887f000000001
last-modified: Tue, 28 Jan 2020 00:57:08 GMT
server: cloudflare
etag: "5e2f86e4-1477c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 06 Feb 2022 20:14:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bd7dbe4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 nkjnXe1XT0QJ_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 23 KB
23 KB 143ms
78ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/nkjnXe1XT0QJ_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

b254a0605664472bde6f059776da3ef51af099f74b74afbf7b6c05887607037c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 722
x-amz-request-id: tx000000000000029ee45a0-00602f6c30-43ba6e0-nyc3a
cdn-cachedat: 2021-02-19 08:43:44
cdn-pullzone: 89010
content-length: 23436
last-modified: Fri, 19 Feb 2021 07:34:09 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 5a7600b649bfe769988380fd6d9d0e36
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 OIP%20(23)(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
16 KB 19ms
17ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(23)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c27b51fbe75ac10fa50e1d74506eb92c2ba81014abeee79042db03ed06a64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 292843
cf-polished: origSize=16900, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15731
cf-request-id: 085e57ea6900004a8c27212000000001
last-modified: Tue, 16 Feb 2021 14:29:14 GMT
server: cloudflare
etag: "602bd6ba-4204"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 14:41:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bd7dbf4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 0-2-960x559.png
amg-news.com/wp-content/uploads/2021/02/ 751 KB
751 KB 527ms
383ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/02/0-2-960x559.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS: amg-news.com
Software: LiteSpeed /
Resource Hash: 163cc5bd0a3f3045ee6d4f046ad35361f6a74f4a00710349ca53a224ac7b3909

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
last-modified: Wed, 17 Feb 2021 16:35:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 768755
expires: Sat, 27 Feb 2021 00:02:38 GMT

GET
H2 200 RRZpw7qj5qpFvewJmKhsokiN_640x360.jpg
static-3.bitchute.com/live/cover_images/Vm23K8CQOGQR/ 37 KB
37 KB 133ms
78ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Vm23K8CQOGQR/RRZpw7qj5qpFvewJmKhsokiN_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

b35edc255b6a247b77e5542dd6d224bebb82f941fa4a20db04aeb77bf96f8a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-19 18:23:22
cdn-pullzone: 89010
content-length: 37829
x-amz-request-id: tx00000000000002a4ff3bc-00602ff40a-43b5652-nyc3a
last-modified: Fri, 19 Feb 2021 17:22:56 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 7fecfd9e26e284af536860702f587dff
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/7NewdtM7a28/ 28 KB
28 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/7NewdtM7a28/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de70f32e882dd91cf22db419cb671815b11636ea1adefcf5b9735850a684b61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1613742704"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28769
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:07:38 GMT

GET
H2 200 1200px-Robert_David_Steele_001(4)(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 37 KB
37 KB 17ms
15ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/1200px-Robert_David_Steele_001(4)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98833ce9d996f54d74e707ae9e4d032b97cf303333db38e1938435315bd16f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 84878
cf-polished: origSize=38639, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38126
cf-request-id: 085e57ea7c00004a8cb5a5a000000001
last-modified: Fri, 19 Feb 2021 00:12:56 GMT
server: cloudflare
etag: "602f0288-96ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 00:27:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bd9de14a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Maxwell-Ghislaine.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 39 KB
39 KB 20ms
18ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Maxwell-Ghislaine.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1056a55e9ab2d7fa0b30ceac60db996ff097511a3a72befa8b2b1b99bb8c8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6411
cf-polished: origSize=42753, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39687
cf-request-id: 085e57ea7d00004a8cda03a000000001
last-modified: Fri, 19 Feb 2021 22:14:39 GMT
server: cloudflare
etag: "6030384f-a701"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 22:15:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bd9de44a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 HEeE6WTbXo5IQdcYTb3w24lG_640x360.jpg
static-3.bitchute.com/live/cover_images/oACWZBJypqWf/ 46 KB
47 KB 79ms
35ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oACWZBJypqWf/HEeE6WTbXo5IQdcYTb3w24lG_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

b6c6ca14cc3b71344f97058c71b2ef5c957710237df46edac95b38effce51817

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000002a31c048-00603008ef-43ba6e0-nyc3a
cdn-cachedat: 2021-02-19 19:52:31
cdn-pullzone: 89010
content-length: 47259
last-modified: Fri, 19 Feb 2021 18:42:37 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 8f7681dd327f6af7e757a6f216dcc78e
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 OV4CRYHH5KI5SUH2HSRTVVNQ2A.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 35 KB
35 KB 24ms
22ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OV4CRYHH5KI5SUH2HSRTVVNQ2A.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42f614b6a7df13ef48bc8e98fef0ffaa467b24af7df44654362357bb23cd08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20439
cf-polished: origSize=37260, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35518
cf-request-id: 085e57ea7d00004a8cd7a41000000001
last-modified: Fri, 19 Feb 2021 18:03:05 GMT
server: cloudflare
etag: "602ffd59-918c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 18:21:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bd9de34a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 medical_logo_188822.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 21 KB
21 KB 18ms
16ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/medical_logo_188822.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a7166a9bf611075509f6daab98e6c808afc3316c14f4bfe1459b5bea17aca24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 106264
cf-polished: origSize=21966, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21582
cf-request-id: 085e57ea7e00004a8ca3a8c000000001
last-modified: Sun, 27 Aug 2017 13:03:13 GMT
server: cloudflare
etag: "59a2c311-55ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 18 Feb 2022 18:31:34 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bd9de54a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 fig1-1.png
amg-news.com/wp-content/uploads/2021/02/ 626 KB
627 KB 190ms
67ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/02/fig1-1.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS: amg-news.com
Software: LiteSpeed /
Resource Hash: 8748c3f093e179a97bd9638f355e43b9e8814a1bcd31b26916d0f4ea454d4f47

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
last-modified: Fri, 19 Feb 2021 15:04:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 641454
expires: Sat, 27 Feb 2021 00:02:38 GMT

GET
H2 200 national-guard-deploy-white-house-june-black-lives-matter-protests-rocked-us-capital-getty-640x448.jpg
media.breitbart.com/media/2020/06/wi/afp/09/ 54 KB
54 KB 63ms
23ms Image
image/jpeg 35.241.35.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.breitbart.com/media/2020/06/wi/afp/09/national-guard-deploy-white-house-june-black-lives-matter-protests-rocked-us-capital-getty-640x448.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.213 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.35.241.35.bc.googleusercontent.com
Software: shield /
Resource Hash: 4fb766d6d2c9ffd693f9f83bd6f18b7a55804e2ad8bc81733404686acc3b2c5b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
via: 1.1 google, 1.1 google
last-modified: Tue, 09 Jun 2020 22:36:32 GMT
server: shield
etag: "5ee00ef0-d8b6"
content-type: image/jpeg
x-shield-request-id: aa3649fad75567b996a2f09f0e60e339
cache-control: max-age=31556926
accept-ranges: bytes
alt-svc: clear, clear
content-length: 55478

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/lMlHnj4AQWg/ 23 KB
23 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/lMlHnj4AQWg/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e664d73f0b2ae548ab50a11725153d9eaf1ca55a0bdf1076ee915cc6e20ac06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:01:10 GMT
x-content-type-options: nosniff
server: sffe
age: 88
etag: "1613676974"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23559
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:06:10 GMT

GET
H2 404 E542A445-1520-4D1C-B30A-FF7B21B8BF23.jpeg
img.beforeitsnews.com/contributor/upload/776209/images/ 0
0 395ms
393ms Image
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.beforeitsnews.com/contributor/upload/776209/images/E542A445-1520-4D1C-B30A-FF7B21B8BF23.jpeg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT

GET
H2 200 cOFJQslYK5Wz_640x360.jpg
static-3.bitchute.com/live/cover_images/ixl3C6dlg6S5/ 71 KB
71 KB 77ms
75ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/ixl3C6dlg6S5/cOFJQslYK5Wz_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

d104b9b05add8375198f31bd85adf0df17b6d70d348734d41aa4b71ae0567765

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000001417f1ed-00603013ce-46b98f5-nyc3a
cdn-cachedat: 2021-02-19 20:38:54
cdn-pullzone: 89010
content-length: 72414
last-modified: Fri, 19 Feb 2021 19:35:47 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: d8984b36f5e89cd0cb09d5d36aac134e
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 Untitled%20115.jpg
img.beforeitsnews.com/contributor/upload/69910/images/ 23 KB
23 KB 23ms
21ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/69910/images/Untitled%20115.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e345937ea807c982b1b3e7068909ac278677eaeb48949fa6649b77af379ebd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2232
cf-polished: origSize=25370, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23845
cf-request-id: 085e57ea7e00004a8c0b85e000000001
last-modified: Fri, 19 Feb 2021 23:13:18 GMT
server: cloudflare
etag: "6030460e-631a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 23:25:26 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bd9de74a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 A_America.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 25 KB
25 KB 19ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/A_America.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745681472b16f5879d50329db19a8cb4f23766b3a2cebfcc48a420b872bd1010

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 146043
cf-polished: origSize=31111, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25579
cf-request-id: 085e57ea8d00004a8cff117000000001
last-modified: Fri, 22 Jan 2021 22:13:59 GMT
server: cloudflare
etag: "600b4e27-7987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 18 Feb 2022 07:28:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bdae024a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 A9mRyBgAiqz3_640x360.jpg
static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/ 40 KB
41 KB 77ms
75ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9c7qJvwx7YQT/A9mRyBgAiqz3_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

f9f83cfa320dbb77a5eb1ef21940cf051f2c54dce20eb87cf2891411581446a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 722
x-amz-request-id: tx000000000000029ff50be-00602f24a9-43b55da-nyc3a
cdn-cachedat: 2021-02-19 03:38:34
cdn-pullzone: 89010
content-length: 41243
last-modified: Fri, 19 Feb 2021 02:29:24 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: e0b0caa5bbb16bdb81a7eac311de9afb
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 ZCCEJdfgoNVZ25txow9I6gDn_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 36 KB
37 KB 78ms
75ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ZCCEJdfgoNVZ25txow9I6gDn_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

62bae2f11f397b39af63c75f4da1433ad10287edceecd079ae8a40e4b820d129

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-02-17 02:12:16
cdn-pullzone: 89010
content-length: 37048
x-amz-request-id: tx000000000000012813a1d-00602c6d70-46b98f5-nyc3a
last-modified: Wed, 17 Feb 2021 01:00:47 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 10dcad4138105c9f0a9ce28b0d9c4ddf
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 SECRET.jpg
jamesredpillsamerica.com/images/ 968 KB
970 KB 19ms
17ms Image
image/jpeg 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/SECRET.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 657edadec294d875e1501656cfbc7cfdfe1f7ff09a7002f827a7c95e30fb216f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 839362
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 990973
cf-request-id: 085e57ea7e0000dfcfc0b8f000000001
last-modified: Tue, 30 Jun 2020 13:07:27 GMT
server: cloudflare
etag: "5efb390f-f1efd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6aV4wnA%2F6%2B1t5fhuzNzVu6I0t2JxLUn5LumBQo6fo%2F0Gb5hIQ9znPwjbmWlxN2JysO9uZkbfH9WCfW9OJ510kJ%2BhZnGRll2TEtdF40BAp6JwtMfGHp3wqW%2BpusSYJUoqVpcb3pg%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bd9916dfcf-FRA
expires: Thu, 10 Feb 2022 06:53:15 GMT

GET
H2 200 XmQidIFUC1cW_640x360.jpg
static-3.bitchute.com/live/cover_images/ixl3C6dlg6S5/ 25 KB
26 KB 78ms
75ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/ixl3C6dlg6S5/XmQidIFUC1cW_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

0abbfaaab7aff367ebd495294f98954f04c909b80157b8209052a09428a05a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000029d4cb9a-00602ecad1-43b55da-nyc3a
cdn-cachedat: 2021-02-18 21:15:13
cdn-pullzone: 89010
content-length: 26083
last-modified: Thu, 18 Feb 2021 20:04:47 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 54aa7021b918322439b6df69eb4b22e3
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/FViI4X7tLdM/ 36 KB
36 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/FViI4X7tLdM/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7420d970218c4155462ac0e7e641bdcf2364899a2daa218c94d0519ad246602a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:50:06 GMT
x-content-type-options: nosniff
server: sffe
age: 752
etag: "1610339187"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36425
x-xss-protection: 0
expires: Sat, 20 Feb 2021 01:50:06 GMT

GET
H2 200 R6bf1455d1e7b05f3f8583aeb924850a8.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 33 KB
33 KB 20ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R6bf1455d1e7b05f3f8583aeb924850a8.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

801dc4d2aa92b54f8e4e16a64204cc46ce6607fed9433e25f7aa11167965c0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 991
cf-polished: origSize=34565, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33648
cf-request-id: 085e57ea9500004a8c1f814000000001
last-modified: Mon, 11 Jan 2021 01:39:34 GMT
server: cloudflare
etag: "5ffbac56-8705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 23:46:06 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5bdbe0a4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Happy-Sunday.jpg
drcharlieward.com/wp-content/uploads/2020/11/ 45 KB
46 KB 325ms
104ms Image
image/jpeg 134.209.168.228
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://drcharlieward.com/wp-content/uploads/2020/11/Happy-Sunday.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.209.168.228 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

drcharlieward2.com

Software

nginx / WordOps

Resource Hash

214bd19f84736350c3964ba1967229ff51ca2f46bccfbf7dfc5e661977bb37f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
x-content-type-options: nosniff
x-powered-by: WordOps
content-length: 46170
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 05 Nov 2020 04:33:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5fa380a1-b45a"
x-download-options: noopen
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 screen-shot-2021-02-19-at-7.26.41-am.png
justusaknight.files.wordpress.com/2021/02/ 540 KB
541 KB 64ms
22ms Image
image/png 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://justusaknight.files.wordpress.com/2021/02/screen-shot-2021-02-19-at-7.26.41-am.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

714dcf635dffa58c9c90a7b16a57ac37ad1876da2bc6c56feec33e8090cf9990

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 22 np
date: Sat, 20 Feb 2021 00:02:38 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Fri, 19 Feb 2021 14:35:29 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://justusaknight.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 552916
expires: Thu, 18 Mar 2021 13:14:39 GMT

GET
H2 200 screenshot_2021-02-14-22-17-57-11458121816.png
1.bp.blogspot.com/-TUxN3eu6Owc/YDBH8KSboHI/AAAAAAAAeOw/YlQdrjQDX_Ul0PnxJ1_nqdfAH2EnXSpHQCLcBGAsYHQ/s600/ 140 KB
140 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-TUxN3eu6Owc/YDBH8KSboHI/AAAAAAAAeOw/YlQdrjQDX_Ul0PnxJ1_nqdfAH2EnXSpHQCLcBGAsYHQ/s600/screenshot_2021-02-14-22-17-57-11458121816.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

63b9449a2351ba42eb5d2d76502bcfd91e33d7097d9111fd332352605a1acb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:27:23 GMT
x-content-type-options: nosniff
age: 2115
content-disposition: inline;filename="screenshot_2021-02-14-22-17-57-11458121816.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143099
x-xss-protection: 0
server: fife
etag: "v78f4"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 Feb 2021 23:27:23 GMT

GET
H2 200 A_Quantum.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 40 KB
40 KB 27ms
27ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/A_Quantum.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc4db94841511445818e558374e732933e5cebc46c92118928d56126cad8d142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 21864
cf-polished: origSize=43327, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41146
cf-request-id: 085e57eacf00004a8c298eb000000001
last-modified: Fri, 19 Feb 2021 17:55:17 GMT
server: cloudflare
etag: "602ffb85-a93f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 17:58:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5be1e544a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 h1pFBPRW9y2P_640x360.jpg
static-3.bitchute.com/live/cover_images/8LyqCWp3SSH4/ 35 KB
36 KB 74ms
73ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/8LyqCWp3SSH4/h1pFBPRW9y2P_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

b15122376837b963a97e89461a7f11c7565ae51f578d3c6486f852ab3064ce7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-02-19 03:33:30
cdn-pullzone: 89010
content-length: 35898
x-amz-request-id: tx000000000000029faaf41-00602f237a-43b5652-nyc3a
last-modified: Fri, 19 Feb 2021 02:15:33 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 297207e27f84d292d36f1b92d3d9827f
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 unnameddddddd.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 56 KB
57 KB 20ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnameddddddd.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bea70fcd4c0954924c88066a977af45b72b483837eec9b7d08c650c4cccef335

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 344456
cf-polished: origSize=60496, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57555
cf-request-id: 085e57eaeb00004a8cff11b000000001
last-modified: Fri, 28 Aug 2020 12:19:33 GMT
server: cloudflare
etag: "5f48f655-ec50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 00:21:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5be4e864a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 YhUhSK1oOJVXHtsyaAXj0AUI_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 25 KB
26 KB 49ms
48ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/YhUhSK1oOJVXHtsyaAXj0AUI_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

d9739c96b42fe1e9b56dfa9f8ed993d3c0b9b411c44293c3eb938f793403dfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 722
x-amz-request-id: tx000000000000013029152-00602d9862-46b98f5-nyc3a
cdn-cachedat: 2021-02-17 23:27:46
cdn-pullzone: 89010
content-length: 26019
last-modified: Wed, 17 Feb 2021 20:01:02 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 73439e90096775c4ffeee8cb6f369ba8
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 OIP(72).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 32 KB
32 KB 18ms
18ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP(72).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80816db50cd38c547b3d4f0dc1852002ccbde66ea4c3b802368825b43448f689

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 201983
cf-polished: origSize=34827, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32489
cf-request-id: 085e57eaeb00004a8c0f337000000001
last-modified: Wed, 17 Feb 2021 15:39:51 GMT
server: cloudflare
etag: "602d38c7-880b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 15:56:15 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5be4e884a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 p8mpmJyrgn6Tqz8r3Hat90hX_640x360.jpg
static-3.bitchute.com/live/cover_images/2m4a3NgD19fe/ 35 KB
36 KB 50ms
49ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/2m4a3NgD19fe/p8mpmJyrgn6Tqz8r3Hat90hX_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

c8a3a8998456680357127ef5b8b14e940b671ea39dd82f03f1c49c514631f9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000001f273b4f-006016c85b-43ba6e0-nyc3a
cdn-cachedat: 2021-01-31 16:10:19
cdn-pullzone: 89010
content-length: 36106
last-modified: Sun, 31 Jan 2021 14:29:14 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: ba2530c2fa17abfa4f169b1ae62affd6
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 OIP(55).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 27 KB
27 KB 25ms
17ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP(55).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bff00389d65162861fa21d7d3a888b52bec76ade6a9aadb79177c50bb1b0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 262464
cf-polished: origSize=28707, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27223
cf-request-id: 085e57eb0200004a8c1c9ac000000001
last-modified: Wed, 13 Jan 2021 23:20:56 GMT
server: cloudflare
etag: "5fff8058-7023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 23:08:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5be6ea54a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/czdguZAt7qg/ 13 KB
14 KB 15ms
7ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/czdguZAt7qg/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe96f43fb9fd696e1c1b25524fd5fb0fd0e43d91a2f4f48830719c688f1988e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:25:04 GMT
x-content-type-options: nosniff
server: sffe
age: 2254
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13750
x-xss-protection: 0
expires: Sat, 20 Feb 2021 01:25:04 GMT

GET
H2 200 hqdefault(304).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 10 KB
11 KB 20ms
17ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(304).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8549577feb74cd2da95df59938e46035c4b56954c8db1971c7c5a43b5c6f8574

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 251055
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10629
cf-request-id: 085e57eb0200004a8ce835f000000001
last-modified: Wed, 17 Feb 2021 02:08:03 GMT
server: cloudflare
etag: "602c7a83-2985"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 02:18:23 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5be6ea64a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 42 KB
43 KB 32ms
29ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-01-26 13:45:38
cdn-pullzone: 89010
content-length: 43209
x-amz-request-id: tx00000000000001c3068ef-0060100ef2-43b5652-nyc3a
last-modified: Tue, 26 Jan 2021 11:28:15 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: e5e31b517fc4f5861ef64dbc6d178ccb
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 The-Event-logo.jpeg
img.beforeitsnews.com/contributor/upload/106013/images/ 6 KB
6 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/The-Event-logo.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

801363bedbfce205fbda10b1bd4528cdadbcdfa13318556056cf05d865520b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 82915
cf-polished: origSize=6358, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6170
cf-request-id: 085e57eb0200004a8c22b44000000001
last-modified: Fri, 19 Feb 2021 00:41:25 GMT
server: cloudflare
etag: "602f0935-18d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 01:00:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5be6ea74a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 YSy8EvYqLl2z_640x360.jpg
static-3.bitchute.com/live/cover_images/JWcFOOxBgw75/ 94 KB
95 KB 33ms
31ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/JWcFOOxBgw75/YSy8EvYqLl2z_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

aa306ecfe02da51caefa05cfeaa1e5dd19e2a28df63a2a17e0c543261b7873fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-15 23:32:14
cdn-pullzone: 89010
content-length: 96760
x-amz-request-id: tx000000000000011d8cf36-00602af66d-46b98f5-nyc3a
last-modified: Mon, 15 Feb 2021 22:17:36 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 0b4606811db588615f9dc7b5c55c4d76
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 Ju0jkojvRLw03M7H735txvxX_640x360.jpg
static-3.bitchute.com/live/cover_images/tj99AwcN3zlH/ 43 KB
43 KB 39ms
37ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/tj99AwcN3zlH/Ju0jkojvRLw03M7H735txvxX_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

3762acb9f8b2573268fd4be36fe6e0258152e7f6430a88874483fe8ea6d3339d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000029fc233f-00602f1d23-43b55da-nyc3a
cdn-cachedat: 2021-02-19 03:06:27
cdn-pullzone: 89010
content-length: 43827
last-modified: Fri, 19 Feb 2021 02:06:19 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: df29dac59b80a73c3e96c904238bc463
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 ppBJiKegJ8QA_320x180.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 14 KB
14 KB 40ms
39ms Image
image/jpeg 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ppBJiKegJ8QA_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-196.datapacket.com

Software

BunnyCDN-DE1-565 /

Resource Hash

65b7922d33e18f00370ed37ed20764fd8103dd882f0bc5310ab20225e63f9e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-18 14:39:45
cdn-pullzone: 89010
content-length: 14038
x-amz-request-id: tx000000000000029a2d354-00602e6e21-43b5652-nyc3a
last-modified: Thu, 18 Feb 2021 13:32:48 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 03532f12cbccd857ad2f3849cd5fc800
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 868987f3dd50f8d2ad1b88f292f80750.png
sonsoflibertymedia.com/wp-content/uploads/2021/02/ 925 KB
927 KB 59ms
30ms Image
image/png 2606:4700:20::ac43:4528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonsoflibertymedia.com/wp-content/uploads/2021/02/868987f3dd50f8d2ad1b88f292f80750.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d17b23bd085ec78f7c0b3b32343d0326e59a88f523931d3af6d2c95fbb92bf1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 299503
x-fw-server: Flywheel/4.1.0
x-cache: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X6EYcy9I%2BOBvnjO7WFStFIhsGWyzPnKpENngSB1f5r1tZJR0yuo5x7d7M6BjmmVr9rM9vXXmmPFmN9f44dRir%2BcSOIxbhtAzIcajnHhUYa7kgJoZdCsrN%2BcJNRRRd8tE5HAt"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 946913
cf-request-id: 085e57eb2b0000c272382d7000000001
magicmarker: 1
last-modified: Fri, 05 Feb 2021 15:01:20 GMT
server: cloudflare
etag: "601d5dc0-e72e1"
x-fw-hash: soth990flu
nel: {"max_age":604800,"report_to":"cf-nel"}
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-fw-serve: TRUE
x-fw-type: VISIT
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6243f5bead5ac272-FRA

GET
H2 200 905216003.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 34 KB
34 KB 16ms
16ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/905216003.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3b2f3421826463567e3bec3fa9874849ea143c7cbb59355f758a69e211f350a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 25669
cf-polished: origSize=36401, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34773
cf-request-id: 085e57eb0f00004a8cc29c7000000001
last-modified: Fri, 19 Feb 2021 16:51:58 GMT
server: cloudflare
etag: "602fecae-8e31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 16:54:49 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5be7eaf4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 100 KB
32 KB 34ms
10ms Script
text/javascript 2600:9000:2182:0:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:0:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 414d8b428bdb05db9e520b23c7855cb14d5eee21007b4492d7f151f46ffd0f3a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:54:32 GMT
content-encoding: gzip
age: 486
etag: W/"1911a-/9PKm40I201/anLlzkWA79nhAcc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: CnW-YDFyVShdee5xmRA6q3bgcEUG9xHqt9H8iod6KmwdRcmc7z5iXw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06d6281586cc20dcfdd22a941a99f03827c9b93e3093e8ded84b5f094fbf130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39255
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:02:38 GMT

GET
H2 200 tabs-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 148 B
272 B 27ms
25ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20210219.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29806
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57ea8700004a8cbdb7e000000001
last-modified: Fri, 19 Feb 2021 15:31:53 GMT
server: cloudflare
etag: W/"602fd9e9-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6243f5bdadf74a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 76ms
26ms Script
text/javascript 13.226.159.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-65.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:58:38 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified: Fri, 19 Feb 2021 10:58:30 GMT
server: AmazonS3
age: 47041
etag: "434a3d44a3079aedd890448838582f6c"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 11415
x-amz-cf-id: QEbg3mQJrdgrT0I-Lnys08ML8x-H-8ZMxwa5WM02HfluIMOsuHTkSw==

GET
H2 200 global-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 18 KB
5 KB 18ms
17ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af54c50c8c81bb5de6f8460e58f66372a414cf89628038ef7afc9dd3f49bf50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29806
cf-polished: origSize=18742
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57ea8700004a8c181bd000000001
last-modified: Fri, 19 Feb 2021 15:31:50 GMT
server: cloudflare
etag: W/"602fd9e6-4936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6243f5bdadf84a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 21ms
20ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1421840
cf-polished: origSize=149701
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57ea8800004a8cb523d000000001
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 6243f5bdadf94a8c-FRA
expires: Wed, 10 Feb 2021 13:05:17 GMT

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 92A1 67 KB
24 KB 122ms
121ms Script
application/javascript 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=143

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vbdroz/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

bc9660d7ac46301f011dd70e699141c6a69b3f206a4283c3dceb385dd5b52655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 01:57:42 GMT
server: nginx
etag: W/"6025e096-10cbe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 VmSzb.OvCc-small-Senate-Majority-Blurts-Out-.jpg
i.rmbl.ws/s8/1/V/m/S/z/ Frame 92A1 60 KB
60 KB 71ms
19ms Image
image/jpeg 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.rmbl.ws/s8/1/V/m/S/z/VmSzb.OvCc-small-Senate-Majority-Blurts-Out-.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbdroz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8ACE) /
Resource Hash: cc72c12855f4a120e4b586dcc7b589ec2691fb300fdf362f413b9945c82dab5d

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
last-modified: Fri, 19 Feb 2021 21:09:30 GMT
server: ECAcc (ama/8ACE)
age: 10269
etag: "2195620068"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 61172
expires: Sun, 20 Feb 2022 00:02:38 GMT

GET
H2 206 VmSzb.caa.1.mp4
sp.rmbl.ws/s8/2/V/m/S/z/ Frame 92A1 35 KB
0 72ms
25ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/V/m/S/z/VmSzb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbdroz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: ECAcc (lha/8DE5) /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
last-modified: Fri, 19 Feb 2021 22:11:14 GMT
server: ECAcc (lha/8DE5)
age: 39
etag: "3316618930"
x-hw: 1613779358.cds092.lo4.hn,1613779358.cds091.lo4.c
content-type: video/mp4
Content-Range: bytes 0-358184068/358184069
cache-control: public,max-age=432000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 358184069

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame F2BC 67 KB
24 KB 146ms
146ms Script
application/javascript 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=143

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vbdb4t/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

bc9660d7ac46301f011dd70e699141c6a69b3f206a4283c3dceb385dd5b52655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vbdb4t/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 01:57:42 GMT
server: nginx
etag: W/"6025e096-10cbe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 z9Mzb.OvCc-small-Do-You-Have-Any-Idea-What-I.jpg
i.rmbl.ws/s8/1/z/9/M/z/ Frame F2BC 72 KB
72 KB 20ms
20ms Image
image/jpeg 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.rmbl.ws/s8/1/z/9/M/z/z9Mzb.OvCc-small-Do-You-Have-Any-Idea-What-I.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbdb4t/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B0E) /
Resource Hash: 03d6ec8a76d3a9db9c6fba92a0d3da571a977b4707467dc5e7e4c2c5cfe4f2bb

Request headers

Referer: https://rumble.com/embed/vbdb4t/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
last-modified: Fri, 19 Feb 2021 12:42:46 GMT
server: ECAcc (ama/8B0E)
age: 40763
etag: "1367431499"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 73615
expires: Sun, 20 Feb 2022 00:02:38 GMT

GET
H2 206 z9Mzb.caa.1.mp4
sp.rmbl.ws/s8/2/z/9/M/z/ Frame F2BC 64 KB
0 91ms
91ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/z/9/M/z/z9Mzb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbdb4t/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbdb4t/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
last-modified: Fri, 19 Feb 2021 13:00:13 GMT
access-control-allow-origin: *
etag: "600e827c2b0ec4baa8d38253c138c519-65"
x-hw: 1613779358.cds092.lo4.hn,1613779358.cds233.lo4.c
content-type: video/mp4
Content-Range: bytes 0-338614005/338614006
cache-control: max-age=2592000
accept-ranges: bytes
Content-Length: 338614006

GET
H2 206 VmSzb.caa.1.mp4
sp.rmbl.ws/s8/2/V/m/S/z/ Frame 92A1 64 KB
0 151ms
150ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/V/m/S/z/VmSzb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbdroz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: ECAcc (lha/8DE5) /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=352714752-

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
last-modified: Fri, 19 Feb 2021 22:11:14 GMT
server: ECAcc (lha/8DE5)
age: 39
etag: "3316618930"
x-hw: 1613779358.cds092.lo4.hn,1613779358.cds091.lo4.c
content-type: video/mp4
Content-Range: bytes 352714752-358184068/358184069
cache-control: public,max-age=432000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 5469317

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 92A1 46 KB
19 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 686
date: Fri, 19 Feb 2021 23:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 20 Feb 2021 01:51:12 GMT

POST
H2 200 view...bdroz.gnqtpk
rumble.com/l/ Frame 92A1 35 B
191 B 123ms
121ms Other
image/gif 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...bdroz.gnqtpk?p=2.3&r=79139679&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=143

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 20 Feb 2021 00:02:38 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 92A1 326 KB
112 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vbdroz/?pub=hw409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114825
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:02:38 GMT

GET
H2 206 z9Mzb.caa.1.mp4
sp.rmbl.ws/s8/2/z/9/M/z/ Frame F2BC 3 MB
3 MB 217ms
215ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/z/9/M/z/z9Mzb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbdb4t/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ea3824e6cde98cd10278f531e8dfc2568b1bd922299dc24a75c3e4b90a8e0048

Request headers

Referer: https://rumble.com/embed/vbdb4t/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=335052800-

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
last-modified: Fri, 19 Feb 2021 13:00:13 GMT
access-control-allow-origin: *
etag: "600e827c2b0ec4baa8d38253c138c519-65"
x-hw: 1613779358.cds092.lo4.hn,1613779358.cds233.lo4.c
content-type: video/mp4
Content-Range: bytes 335052800-338614005/338614006
cache-control: max-age=2592000
accept-ranges: bytes
Content-Length: 3561206

GET
H3-Q050 200 bridge3.443.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5BB6 576 KB
189 KB 34ms
20ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cdd9ff0d35d7ccf8e2092985f761c9a06fc2126fd3caceed43adfac938a1a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.443.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rumble.com/embed/vbdroz/?pub=hw409
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rumble.com/embed/vbdroz/?pub=hw409

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192659
date: Thu, 18 Feb 2021 19:41:26 GMT
expires: Fri, 18 Feb 2022 19:41:26 GMT
last-modified: Wed, 17 Feb 2021 22:18:32 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 102072
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 92A1 26 KB
11 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:02:38 GMT

GET VmSzb.caa.1.mp4
sp.rmbl.ws/s8/2/V/m/S/z/ Frame 92A1 0
0

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B107 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1728
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:33:50 GMT

GET
H2 206 VmSzb.caa.1.mp4
sp.rmbl.ws/s8/2/V/m/S/z/ Frame 92A1 5 MB
5 MB 191ms
191ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/V/m/S/z/VmSzb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbdroz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: ECAcc (lha/8DE5) /
Resource Hash: 494b1701051e03edb54f427a94d71ff944e81ef2698206d60a8cdab0cdd6b9c7

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=352780288-

Response headers

date: Sat, 20 Feb 2021 00:02:38 GMT
last-modified: Fri, 19 Feb 2021 22:11:14 GMT
server: ECAcc (lha/8DE5)
age: 39
etag: "3316618930"
x-hw: 1613779358.cds092.lo4.hn,1613779358.cds091.lo4.c
content-type: video/mp4
Content-Range: bytes 352780288-358184068/358184069
cache-control: public,max-age=432000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 5403781

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame F2BC 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=143

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/embed/vbdb4t/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 686
date: Fri, 19 Feb 2021 23:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 20 Feb 2021 01:51:12 GMT

POST
H2 200 view...bdb4t.e90p68
rumble.com/l/ Frame F2BC 35 B
191 B 119ms
119ms Other
image/gif 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...bdb4t.e90p68?p=2.3&r=79139679&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=143

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vbdb4t/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 20 Feb 2021 00:02:38 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame F695 241 KB
66 KB 85ms
42ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211200
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3e7874d693e811660a3f3015f0784629f49e7835ff364f51fae2851ed9cedb

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 2789
cf-polished: origSize=246863
last-modified: Mon, 15 Feb 2021 08:40:47 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F393B4D7C3B98E09
x-amz-id-2: 55B67oMhKpdIBXn7mZyxEcBLpTy54C0Va5FuEPDSrlQJ97N9TbMjhEJeDZfsPb/dfh6WUK6s9UU=
cf-bgj: minify
server: cloudflare
etag: W/"eb92c46586896b20de0b632c151f4192"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 085e57edbc0000fa3c32a71000000001
cf-ray: 6243f5c2cb88fa3c-AMS
expires: Sat, 20 Feb 2021 03:02:39 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 21A3 240 KB
65 KB 125ms
83ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211200
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c4f48f8e70771e127127f49ee2b9e73e0e03e03e93adb2852cc6b5d31e696d9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 2583
cf-polished: origSize=245438
last-modified: Thu, 11 Feb 2021 09:37:47 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0ZCVESEVDH8KDM3Y
x-amz-id-2: YqS3t3GAElwlBTWZhnAHZXZdiBCeSPXae37Xc3T3+0NTf/G6R84REUTY2T2LmvT3DSX/9XW2L3o=
cf-bgj: minify
server: cloudflare
etag: W/"a77430bf44717e10749e79a96e9f2132"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 085e57edc00000fa3cdd8ad000000001
cf-ray: 6243f5c2cb8afa3c-AMS
expires: Sat, 20 Feb 2021 03:02:39 GMT

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 4AFA 20 KB
7 KB 80ms
25ms Document
text/html 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

148ef126484c19d7656765bd31924aca3c2515a68b6e2e0dc70abd06e4e47d8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://rum-static.pingdom.net/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://www.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-gVVYOQYtB6IozE8Y'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Fri, 19 Feb 2021 23:44:12 GMT
expires: Sat, 20 Feb 2021 00:44:12 GMT
cache-control: max-age=3600
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://rum-static.pingdom.net/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://www.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-gVVYOQYtB6IozE8Y'; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: sif0_im-BYO6cry1cDV3B_UoUVKZsRSr_3aKCcItbewbaZ0jnorwgg==
age: 1107

GET
H2 206 z9Mzb.caa.1.mp4
sp.rmbl.ws/s8/2/z/9/M/z/ Frame F2BC 128 KB
0 92ms
90ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/z/9/M/z/z9Mzb.caa.1.mp4?u=0&b=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbdb4t/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
last-modified: Fri, 19 Feb 2021 13:00:13 GMT
access-control-allow-origin: *
etag: "600e827c2b0ec4baa8d38253c138c519-65"
x-hw: 1613779359.cds092.lo4.hn,1613779359.cds233.lo4.c
content-type: video/mp4
Content-Range: bytes 0-338614005/338614006
cache-control: max-age=2592000
accept-ranges: bytes
Content-Length: 338614006

POST
H/1.1 200
OK count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
619 B 465ms
153ms XHR
text/html 64.62.227.5
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.5 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d6f51b41d8e7c24e26ba17cc31cd59614a9a62f669fffd9aac8536e80b0a771e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 20 Feb 2021 00:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 jsDynamic-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 7 KB
2 KB 18ms
16ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724d7b74367497bb10c46d55c5490246031ae83559b82b20d6199508674b8202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29817
cf-polished: origSize=7634
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57edd000004a8cf6a81000000001
last-modified: Fri, 19 Feb 2021 15:31:52 GMT
server: cloudflare
etag: W/"602fd9e8-1dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6243f5c2ead14a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:42 GMT

GET
H2 200 responsive-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29817
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57edd000004a8c27234000000001
last-modified: Fri, 19 Feb 2021 15:31:52 GMT
server: cloudflare
etag: W/"602fd9e8-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6243f5c2ead24a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:42 GMT

GET
H2 200 validate-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 17ms
15ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29817
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57edd000004a8c22b64000000001
last-modified: Fri, 19 Feb 2021 15:31:54 GMT
server: cloudflare
etag: W/"602fd9ea-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6243f5c2ead34a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:42 GMT

GET
H2 200 loadmore-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29869
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57edd000004a8ca08b9000000001
last-modified: Fri, 19 Feb 2021 15:31:52 GMT
server: cloudflare
etag: W/"602fd9e8-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6243f5c2ead44a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:44:50 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

a5805ef2d343fa6e0f7897271b265c68b908bfd72b12eb1e6edc0e88a1ad940c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 unnamed%20(1)(16).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 52 KB
53 KB 14ms
14ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnamed%20(1)(16).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63763792847452282ff1fc0dc410b41e8d96f037ff1ee8d65f09eb0144ec697a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 23449
cf-polished: origSize=55958, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53497
cf-request-id: 085e57edda00004a8ca88a3000000001
last-modified: Fri, 19 Feb 2021 16:56:10 GMT
server: cloudflare
etag: "602fedaa-da96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 17:31:50 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c2fadf4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5f2c559be7229f0012f31c92.js Show response
buttons-config.sharethis.com/js/ 1 KB
875 B 54ms
29ms Script
text/javascript 2600:9000:2182:4800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f2c559be7229f0012f31c92.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:4800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: gzip
etag: W/"321dc6041bb0ea183e662f402b588149"
last-modified: Thu, 06 Aug 2020 20:50:47 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-id: f0LajX_N2nBvl2O3YJJUcrJ-MPTT0HN8Bb86-9dgJjIomIV6z7tKbA==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 687
date: Fri, 19 Feb 2021 23:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 20 Feb 2021 01:51:12 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 510B 2 KB
1 KB 34ms
9ms Document
text/html 2600:9000:2182:5c00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Fri, 19 Feb 2021 23:43:54 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: x8yWPCb9lcUSrzruBAvHtPukbZpYuSiwNWxCr0rCviJqkdDjfq5cpQ==
age: 1125

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 79ms
16ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 16:02:05 GMT
server: nginx
etag: W/"5364-1613750525091"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

GET
H/1.1 200
OK get_banners_direct.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/ 2 KB
1 KB 456ms
155ms XHR
text/html 64.62.227.5
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/get_banners_direct.php?type=on_regular_page&_=1613779359236

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.5 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

7c2e8c9cfe1f294ff2a3b5257f22d63289072426eebdd418524b46923fc93d09

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 00:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 29ms
12ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3104
etag: W/"b952f25ea8995726c8678b65dfe57a51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 6243f5c35bc32b35-FRA
cf-request-id: 085e57ee1800002b359d1c7000000001
expires: Sat, 20 Feb 2021 01:02:39 GMT

GET
H/1.1 200
OK get_items_to_show.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 63 KB
6 KB 456ms
154ms XHR
text/html 64.62.227.5
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1613779359237

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.5 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2de1ce0f166938e7fe472bb4badf07840996f00f5952af5f197aadab8ce0cd0e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 00:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 get-most-recent-stories-list.php Show response
beforeitsnews.com/v3/recent/ 20 KB
5 KB 501ms
500ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1613779359237

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5038965e95ed824e89ea7ee877f18207326aa69e0aa5feef1cb962a75159ca2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57ee0800004a8c14002000000001
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 6243f5c33b114a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H/1.1 200
OK carousel.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/ 879 B
1 KB 459ms
154ms XHR
text/html 64.62.227.5
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/carousel.php?_=1613779359238

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.5 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

4270958138ed79092adee3dd90ca32c03d921e5ce3df9b548e983599dacb3d94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 00:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 20 Feb 2021 01:02:21 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2841
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 20 Feb 2021 00:15:18 GMT

GET
H2 200 en.eee9bb34530339e1.js Show response
s.tradingview.com/static/localization/translations/ Frame 4AFA 291 KB
48 KB 29ms
28ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.eee9bb34530339e1.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

d34406e9ebdf7d7296fc2fcbd92cf41667a22de498daf47dc839317498c823d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47159
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 19 Feb 2021 10:12:07 GMT
server: tv
etag: W/"602f8ef7-bb92"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: fUNoTaOUReHKuPxkAcnyUA6H_tvZHxfeIIXnBQlRblfyhtq8qNTFPQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.7880b9e1fee66fb3cc15.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4AFA 53 KB
20 KB 50ms
49ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.7880b9e1fee66fb3cc15.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

2cb2ad3aa47f82faab1723bdd80987a6d6d9d255ecbadde0ecfba2eb3e820841

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47159
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 19 Feb 2021 10:12:11 GMT
server: tv
etag: W/"602f8efb-4b77"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: mjDyGnJKTdU-P8FZUnpTTb0_mSfz2IPbI2JlXR5qU8Sw5FW1JtMqrg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.5a11590e919bbbbe7f2e.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4AFA 381 KB
127 KB 27ms
26ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.5a11590e919bbbbe7f2e.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

8bd559dad13382260ef019f6a0807b9dd746bd6738a93bcbc77929041e0bb5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 01:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1377552
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Feb 2021 09:36:22 GMT
server: tv
etag: W/"601a6e96-1f798"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: FLw2dEV8ui4BlrbWcCrc-_MXU7sICYX_AYtBPXqSm7FiZncI60Y9oA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.aad002951cba3dc7bb71.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4AFA 272 KB
80 KB 26ms
26ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.aad002951cba3dc7bb71.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

b93dfa09e2344b922b56ca85b3444affeeec2dfaa73b207a8da353057313eb24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47148
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 19 Feb 2021 10:12:11 GMT
server: tv
etag: W/"602f8efb-13ad7"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: aImXK6ajbINTeiM7Q5niIIjquIZkJpp7yGauSyke7UgdHe370oiYmw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.2d0a9a5ee605c85c6982.css
s.tradingview.com/static/bundles/embed/ Frame 4AFA 2 KB
1 KB 51ms
51ms Stylesheet
text/css 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.2d0a9a5ee605c85c6982.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

61897b67e4ea870cfd90b2ec505005298f8e319b15f695547628a5e4635adac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 04:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1712201
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 29 Jan 2021 09:12:45 GMT
server: tv
etag: W/"6013d18d-3f4"
vary: Accept-Encoding
content-type: text/css
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: V9skgJQYzhwoLKzaqU83I2IEVFebREyeDnHSOafAeaK8v2AYI4z3ZQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.2e6202357fd3594485ce.css
s.tradingview.com/static/bundles/embed/ Frame 4AFA 25 KB
5 KB 51ms
51ms Stylesheet
text/css 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.2e6202357fd3594485ce.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

3ea6931d41dff60efe83187d7c547a5b70422bf390ad5265b73e5be9c3623db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 11:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1429266
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Feb 2021 09:36:23 GMT
server: tv
etag: W/"601a6e97-1035"
vary: Accept-Encoding
content-type: text/css
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 5unFzpY8iAuYv3ZzSnG82VhFKf44MKOYBdgQesYdZotArHB1tXhShw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20201130_00/e/js/element/ 243 KB
87 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16078
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88693
x-xss-protection: 0
last-modified: Mon, 30 Nov 2020 10:52:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 19:34:41 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 39ms
37ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 2335
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DCB403D7254D6E85
x-amz-id-2: Cnwert1GiENoysUfBDXPF2oxBVB7KvQCrQPePrf/gjyjLKV6G2s01OhrGpZe00vVtwDUBpnt1yc=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 085e57ee630000fa3cee052000000001
cf-ray: 6243f5c3dd1bfa3c-AMS

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 102073
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:26 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1918703325&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=998941772&gjid=1124768789&cid=2090587070.1613779359&tid=UA-16055024-1&_gid=1640681582.1613779359&_r=1&gtm=2ou2a1&z=1939627059

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 102073
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:26 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-16055024-1&cid=2090587070.1613779359&jid=998941772&gjid=1124768789&_gid=1640681582.1613779359&_u=IEBAAUAAAAAAAC~&z=1875470126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 20 Feb 2021 00:02:39 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
1 KB 85ms
83ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=334&cols=1&pv=5&cbuster=1613779359391428450807&uniqId=146d8&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=177bcbed69f953fe173&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4a050ca2e2de2492b659f1f4fbbe9a5169119ed7191ff51563fafda12db6f95

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6243f5c44d9efa3c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57eeaa0000fa3c3e07e000000001

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 17:46:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 22549
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Sat, 19 Feb 2022 17:46:50 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame D206 18 KB
4 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1678
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 20 Feb 2021 00:34:41 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
888 B 6ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 18:23:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 279539
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Wed, 16 Feb 2022 18:23:40 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
134 B 15ms
15ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-16055024-1&cid=2090587070.1613779359&jid=998941772&_u=IEBAAUAAAAAAAC~&z=2038978730

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-16055024-1&cid=2090587070.1613779359&jid=998941772&_u=IEBAAUAAAAAAAC~&z=2038978730

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 76ms
76ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1094&cols=1&pv=5&cbuster=1613779359456880576797&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=177bcbed6e191092a71&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3fdb2a32b2368e2c4f64b51783a43bbc013be19ed8133ec8a1c3295948c5c27

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6243f5c4ae45fa3c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57eeee0000fa3c09adb000000001

GET
H/1.1 200
OK 10864438442185062 Show response
lockerdome.com/lad/ Frame 0BEA 1 KB
2 KB 486ms
127ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Sat, 20 Feb 2021 00:02:39 GMT

GET
H/1.1 200
OK 10864440455450982 Show response
lockerdome.com/lad/ Frame AA2C 1 KB
2 KB 483ms
126ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Sat, 20 Feb 2021 00:02:39 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 95ms
24ms XHR
text/plain 3.124.48.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=beforeitsnews.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fbeforeitsnews.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Before%20It%27s%20News%20%7C%20People%20Powered%20News&cms=unknown&publisher=5f2c559be7229f0012f31c92&sop=true&bsamesite=true&consent_cookie_duration=259&consent_duration=259&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Before%20It%27s%20News%C2%AE%20is%20a%20community%20of%20individuals%20who%20report%20on%20what%27s%20going%20on%20around%20them%2C%20from%20all%20around%20the%20world.%20You%20can%20join%20to%20Contribute%20News%20and%20Comments.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.48.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 00:02:39 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 4AFA 98 KB
38 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.aad002951cba3dc7bb71.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b61ef6b2eab73ab609094bad771535be430387ff3c75bb72bb399acb236953a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39269
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:02:39 GMT

GET
H2 200 273.89109e08565358a840cc.css
s.tradingview.com/static/bundles/embed/ Frame 4AFA 712 B
789 B 22ms
22ms Stylesheet
text/css 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/273.89109e08565358a840cc.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.7880b9e1fee66fb3cc15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

e7619746f6490749626842ab49718b1dd431510d90b13b474f80685e206a5f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 10:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135313
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Feb 2021 09:06:34 GMT
server: tv
etag: W/"602e2e1a-125"
vary: Accept-Encoding
content-type: text/css
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: pQVulqZmtzoZM_xAnztZ01ATuew1x0oPde6IhfQQIjj5i4NFielslA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.341b940f0d0cd97b61b3.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4AFA 4 KB
2 KB 23ms
23ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.341b940f0d0cd97b61b3.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.7880b9e1fee66fb3cc15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

f54f5520fff3867ff9afe8c1f9ce56f228704e69cb49c254657f9f2db04c0ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47155
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 19 Feb 2021 10:12:11 GMT
server: tv
etag: W/"602f8efb-68a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: dgypzHTw8wYFvEuyrAT_wPWn5ssLYPIwHMpBteRgXj7wLRa_gMFHQg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame EA21 3 KB
1 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BJm1JSYioEuT57LS18DUkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-BJm1JSYioEuT57LS18DUkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Sat, 20 Feb 2021 00:02:39 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
944 B 28ms
28ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 2335
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DCB403D7254D6E85
x-amz-id-2: Cnwert1GiENoysUfBDXPF2oxBVB7KvQCrQPePrf/gjyjLKV6G2s01OhrGpZe00vVtwDUBpnt1yc=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 085e57ef3a0000fa3c130fd000000001
cf-ray: 6243f5c52ecbfa3c-AMS

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
852 B 79ms
71ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1613779359542924450380
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73c5ad061e90163522a3082f2c29b69242934fd6e4890bdf96aaf52915619fa5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 521a35e3-d640-4067-a6e5-d322018f9af5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6243f5c53eeefa3c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57ef470000fa3c2997b000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 5272 19 B
315 B 119ms
115ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1613779359546161813333
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9e638652-5a5c-4be9-9338-8a9effd20360
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6243f5c53ef0fa3c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57ef480000fa3c48876000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp
s-img.mgid.com/g/8193499/492x328/125x507x492x328/ 35 KB
36 KB 28ms
26ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193499/492x328/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1613779359-dGe4gkvui-QGplWO6vUpVUSA5H-p6-mWTPvEIf220vY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca6a1deffca1b5641230245a8f4449da068519b436c439368f6dd8fd33a9c61

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: c28d24f7-4f8d-4557-922b-cb4361f1980e
age: 837574
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36220
cf-request-id: 085e57ef460000fa3cea8dc000000001
last-modified: Wed, 10 Feb 2021 07:16:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c53eeafa3c-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp
s-img.mgid.com/g/8193499/492x328/125x507x492x328/ Frame F695 35 KB
36 KB 34ms
33ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193499/492x328/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1613779359-dGe4gkvui-QGplWO6vUpVUSA5H-p6-mWTPvEIf220vY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca6a1deffca1b5641230245a8f4449da068519b436c439368f6dd8fd33a9c61

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: c28d24f7-4f8d-4557-922b-cb4361f1980e
age: 837574
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36220
cf-request-id: 085e57ef460000fa3ce48fc000000001
last-modified: Wed, 10 Feb 2021 07:16:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c53ee9fa3c-AMS

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 4AFA 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 687
date: Fri, 19 Feb 2021 23:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 20 Feb 2021 01:51:12 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp
s-img.mgid.com/g/8164835/492x277/0x91x1080x720/ 12 KB
12 KB 24ms
22ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164835/492x277/0x91x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp?v=1613779359-o9PXZMNsr4sLYBCEiEpbaYkX245akjx7o2D_V4-gBoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505864f9436def05580211dd30d70e6c5dfd59b7c3b65a900687004174e25975

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: eeecd54e-64aa-4fdd-be34-3d828772ec55
age: 999604
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12586
cf-request-id: 085e57ef5b0000fa3c4297e000000001
last-modified: Mon, 08 Feb 2021 10:20:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c55f18fa3c-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp
s-img.mgid.com/g/8164899/492x277/0x39x564x376/ 23 KB
23 KB 28ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164899/492x277/0x39x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1613779359-5JB9zerhB5gLbXY8nl3c31gUQ8UFQ6X-02qDzljCskk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69fbfbc9279160579b8728c24a0170fa7b184e776777d4bc8e6681f3c7f5efa

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 8e35e230-36e0-40c3-9b53-d1ef4d8c510c
age: 999617
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23262
cf-request-id: 085e57ef5b0000fa3c26bad000000001
last-modified: Mon, 08 Feb 2021 10:20:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c55f1afa3c-AMS

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y...
s-img.mgid.com/g/8164840/492x277/-/ 16 KB
16 KB 26ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164840/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y2VlZjQ2NTAwOTM4YTMxYzMuanBn.webp?v=1613779359-YwelW7uVY_K1S6K5CJz8kSdwXhx1RU9M5Ey-XwYJJGg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef5b36ccbdec33b7bce73a0ecd576dce20937cedf180223bd4eb52e5a8168a46

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: f788a246-0762-4813-b563-6781b75fba9d
age: 999656
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16344
cf-request-id: 085e57ef5c0000fa3cf2905000000001
last-modified: Mon, 08 Feb 2021 10:20:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c55f1dfa3c-AMS

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvZTk2MWE2ZDE3ZTlhYzUxO...
s-img.mgid.com/g/8164853/492x277/-/ 7 KB
7 KB 24ms
24ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164853/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvZTk2MWE2ZDE3ZTlhYzUxODY4OTM0MGU1ZjMyYWY3MDcuanBn.webp?v=1613779359-FXOnl2T-CxvO40NwbuCrrvY1eENJ1hI7SrWHEB_z7JU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61892e5d7ead63a82575f9f2c5e0ae521cc6e81f63b695fbf0aeb8ecf753cdea

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 22e4e009-a1b0-45b7-89b9-1c749d76d8d5
age: 999549
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7280
cf-request-id: 085e57ef620000fa3c34b0c000000001
last-modified: Mon, 08 Feb 2021 10:20:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c56f2dfa3c-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp
s-img.mgid.com/g/8164835/492x277/0x91x1080x720/ Frame 21A3 12 KB
12 KB 25ms
24ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164835/492x277/0x91x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp?v=1613779359-o9PXZMNsr4sLYBCEiEpbaYkX245akjx7o2D_V4-gBoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505864f9436def05580211dd30d70e6c5dfd59b7c3b65a900687004174e25975

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: eeecd54e-64aa-4fdd-be34-3d828772ec55
age: 999604
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12586
cf-request-id: 085e57ef5b0000fa3c508df000000001
last-modified: Mon, 08 Feb 2021 10:20:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c55f19fa3c-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp
s-img.mgid.com/g/8164899/492x277/0x39x564x376/ Frame 21A3 23 KB
23 KB 28ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164899/492x277/0x39x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1613779359-5JB9zerhB5gLbXY8nl3c31gUQ8UFQ6X-02qDzljCskk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69fbfbc9279160579b8728c24a0170fa7b184e776777d4bc8e6681f3c7f5efa

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 8e35e230-36e0-40c3-9b53-d1ef4d8c510c
age: 999617
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23262
cf-request-id: 085e57ef690000fa3c0599c000000001
last-modified: Mon, 08 Feb 2021 10:20:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c57f39fa3c-AMS

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y...
s-img.mgid.com/g/8164840/492x277/-/ Frame 21A3 16 KB
16 KB 26ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164840/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y2VlZjQ2NTAwOTM4YTMxYzMuanBn.webp?v=1613779359-YwelW7uVY_K1S6K5CJz8kSdwXhx1RU9M5Ey-XwYJJGg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef5b36ccbdec33b7bce73a0ecd576dce20937cedf180223bd4eb52e5a8168a46

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: f788a246-0762-4813-b563-6781b75fba9d
age: 999656
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16344
cf-request-id: 085e57ef720000fa3ce002c000000001
last-modified: Mon, 08 Feb 2021 10:20:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c58f4ffa3c-AMS

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvZTk2MWE2ZDE3ZTlhYzUxO...
s-img.mgid.com/g/8164853/492x277/-/ Frame 21A3 7 KB
7 KB 25ms
24ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164853/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvZTk2MWE2ZDE3ZTlhYzUxODY4OTM0MGU1ZjMyYWY3MDcuanBn.webp?v=1613779359-FXOnl2T-CxvO40NwbuCrrvY1eENJ1hI7SrWHEB_z7JU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61892e5d7ead63a82575f9f2c5e0ae521cc6e81f63b695fbf0aeb8ecf753cdea

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 22e4e009-a1b0-45b7-89b9-1c749d76d8d5
age: 999549
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7280
cf-request-id: 085e57ef750000fa3cdd8c3000000001
last-modified: Mon, 08 Feb 2021 10:20:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6243f5c58f52fa3c-AMS

GET
H3-Q050 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 7ms
6ms Image
image/gif 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 70619
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:40 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6EB3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

291 B
559 B

79ms
27ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1613779359542924450380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 Feb 2021 00:02:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sat, 20 Feb 2021 00:02:39 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55859/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l1jDBmQFYd2g
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l1jDBmQFYd2g
https://pixel.advertising.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent=
https://pixel.advertising.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent=&apid=UPf288cc99-730e-11eb-9eb6-0622eb2986d2
https://ups.analytics.yahoo.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent=&apid=UPf288cc99-730e-11eb-9eb6-0622eb2986d2&verify=true

0
964 B

26ms
25ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent=&apid=UPf288cc99-730e-11eb-9eb6-0622eb2986d2&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 00:02:40 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Sat, 20 Feb 2021 00:02:40 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=31ae7791-6405-4250-912a-a82c50d2486b&_origin=1&gdpr=&gdpr_consent=&apid=UPf288cc99-730e-11eb-9eb6-0622eb2986d2&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=u7NRa2A7nbjc.AikABlF3vL6neg&expires=30&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=31ae7791-6405-4250-912a-a82c50d2486b&gdpr=&gdpr_consent=&us_privacy=

43 B
259 B

75ms
75ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=31ae7791-6405-4250-912a-a82c50d2486b&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:40 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: d0a07547-5ec3-4c62-b5d6-b0345f79c8b8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6243f5c9bcc8fa3c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57f2180000fa3c0c0e8000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=31ae7791-6405-4250-912a-a82c50d2486b&gdpr=&gdpr_consent=&us_privacy=
date: Sat, 20 Feb 2021 00:02:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 160ms
121ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l1jDBmQFYd2g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6243f5c61968c867-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 085e57efcd0000c867c9315000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=Ng6KxzKdhWBGO4USTe6t&pi=mgid&tc=1

43 B
482 B

76ms
76ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=Ng6KxzKdhWBGO4USTe6t&pi=mgid&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 25849bed-6d9a-491b-995d-5bfd3b72c830
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6243f5c68855fa3c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57f0160000fa3c1f04a000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=Ng6KxzKdhWBGO4USTe6t&pi=mgid&tc=1
pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT, Sat, 20 Feb 2021 00:02:39 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=d48c87d2-50ab-47e8-b5a8-9fefce6aff76&ttl=1616371359

43 B
369 B

78ms
78ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=d48c87d2-50ab-47e8-b5a8-9fefce6aff76&ttl=1616371359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:40 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b0a7ff7b-f4e0-484e-869b-f94433441a00
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6243f5c84af5fa3c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57f12c0000fa3c4cb5a000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=d48c87d2-50ab-47e8-b5a8-9fefce6aff76&ttl=1616371359
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
623 B 108ms
65ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l1jDBmQFYd2g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6243f5c61b420b63-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57efd200000b63dc334000000001

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFqREJtUUZZZDJn&muidn=l1jDBmQFYd2g
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFqREJtUUZZZDJn&muidn=l1jDBmQFYd2g&google_tc=
https://cm.mgid.com/google?muidn=l1jDBmQFYd2g&google_ula={guid},5&google_gid=CAESEEH_YKYrYASXMLEMgMyFjPE&google_cver=1

0
108 B

71ms
70ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l1jDBmQFYd2g&google_ula={guid},5&google_gid=CAESEEH_YKYrYASXMLEMgMyFjPE&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6243f5c69877fa3c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e57f0200000fa3cf290d000000001

Redirect headers

pragma: no-cache
date: Sat, 20 Feb 2021 00:02:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l1jDBmQFYd2g&google_ula={guid},5&google_gid=CAESEEH_YKYrYASXMLEMgMyFjPE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e28e9ed3cfa56dfb17832c9fce2bce8f7225fe1b.jpg
beforeitsnews.com/img/i2021/02/ 35 KB
35 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/e28e9ed3cfa56dfb17832c9fce2bce8f7225fe1b.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85c96975ada9e742e0c39ae4514eca0002dd691af8bc9985b520075448eb3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 315630
cf-polished: origSize=68837, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35768
cf-request-id: 085e57eff500004a8c0881b000000001
last-modified: Fri, 22 Jan 2021 17:52:28 GMT
server: cloudflare
etag: "600b10dc-10ce5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 08:22:09 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6243f5c65dcb4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 39d06cdb7aae54703e7f5324f8b35cba63665f4f.jpg
beforeitsnews.com/img/i2021/02/ 35 KB
35 KB 18ms
17ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/39d06cdb7aae54703e7f5324f8b35cba63665f4f.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85c96975ada9e742e0c39ae4514eca0002dd691af8bc9985b520075448eb3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 315692
cf-polished: origSize=68837, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35768
cf-request-id: 085e57eff500004a8cfb376000000001
last-modified: Fri, 22 Jan 2021 17:44:15 GMT
server: cloudflare
etag: "600b0eef-10ce5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 08:21:07 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6243f5c65dcc4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg
beforeitsnews.com/img/i2021/02/ 15 KB
16 KB 19ms
18ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9878dd957f48d334a326be363d7eefe2eb9a79f2d7d34763e44598e42e18cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 315229
cf-polished: origSize=16737, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15536
cf-request-id: 085e57eff500004a8c323b3000000001
last-modified: Fri, 16 Aug 2019 22:57:14 GMT
server: cloudflare
etag: "5d5734ca-4161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 08:28:50 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6243f5c65dcd4a8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 206 VmSzb.caa.1.mp4
sp.rmbl.ws/s8/2/V/m/S/z/ Frame 92A1 128 KB
0 27ms
26ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/V/m/S/z/VmSzb.caa.1.mp4?u=0&b=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: ECAcc (lha/8DE5) /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbdroz/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
last-modified: Fri, 19 Feb 2021 22:11:14 GMT
server: ECAcc (lha/8DE5)
age: 39
etag: "3316618930"
x-hw: 1613779359.cds092.lo4.hn,1613779359.cds091.lo4.c
content-type: video/mp4
Content-Range: bytes 0-358184068/358184069
cache-control: public,max-age=432000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 358184069

GET
H2 200 sxLxYxKmIsA Show response
www.youtube.com/embed/ Frame 8B5C 52 KB
22 KB 56ms
55ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/sxLxYxKmIsA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a979ff21bbd64e4f4bc14aca5abb13d4aa6748c90cb33ccd7cb41475ff0f362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/sxLxYxKmIsA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Feb 2021 00:02:39 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=YTqDBPPS9AY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=NXEKnRNRBbw; Domain=.youtube.com; Expires=Thu, 19-Aug-2021 00:02:39 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+662; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6EB3 31 KB
10 KB 28ms
28ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5c5a22c704da51d236b29ae32a979a1a8f06969896795c03807774f6de684507

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 00:02:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23493
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9309
Expires: Sat, 20 Feb 2021 06:34:12 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/1c732901/ Frame 8B5C 340 KB
51 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sxLxYxKmIsA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 3227
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52112
x-xss-protection: 0
expires: Sat, 19 Feb 2022 23:08:52 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/1c732901/www-embed-player.vflset/ Frame 8B5C 157 KB
57 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sxLxYxKmIsA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2812b5871e2eb8b88106d7c764dd455a05f541a5dc56d6338b0ce912cdef09e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 16439
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58449
x-xss-protection: 0
expires: Sat, 19 Feb 2022 19:28:40 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/ Frame 8B5C 2 MB
495 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sxLxYxKmIsA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f50c53e0d96300d7a6c66b9b337b3435531fdef0a2763d4cdd7c973e1df35efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 15127
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 506939
x-xss-protection: 0
expires: Sat, 19 Feb 2022 19:50:32 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1c732901/fetch-polyfill.vflset/ Frame 8B5C 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sxLxYxKmIsA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 112626
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:45:33 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8B5C 10 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sxLxYxKmIsA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 70621
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:38 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6EB3 284 B
536 B 98ms
24ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/jpg

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 8B5C 113 B
230 B 38ms
38ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

911410ce3a1a88fabd28f3ebe1680eb8d49273bfd7c750c347c8c12539ddcbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8B5C 29 B
91 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:00:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 133
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:15:26 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/ Frame 8B5C 95 KB
31 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdbd1eb459cc3afe33f1a009acd8b3dc10faf7abffbdb86af951ad89a5eb86f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 3528
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32166
x-xss-protection: 0
expires: Sat, 19 Feb 2022 23:03:51 GMT

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
www.google.com/js/bg/ Frame 8B5C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 44764
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Sat, 19 Feb 2022 11:36:35 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/ Frame 8B5C 29 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214f4dfa46fa3332319a25096f499e734e2ff5acdfddf37c4313e7f0f7c9d003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 112119
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9675
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:54:00 GMT

GET
DATA 200
OK truncated
/ Frame 8B5C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwngzJhO6z9E6Om-qnZ4qSeynMHezq1Q5SpYHsfW1Fw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8B5C 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwngzJhO6z9E6Om-qnZ4qSeynMHezq1Q5SpYHsfW1Fw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sxLxYxKmIsA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a58df31c600dfdedd12125df9b9d31a20c3e8c69b8d6e95b8341eade909b098c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 23:00:48 GMT
x-content-type-options: nosniff
age: 3711
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2641
x-xss-protection: 0
server: fife
etag: "v3297"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 Feb 2021 10:36:28 GMT

GET
H3-Q050 200 sddefault.webp
i.ytimg.com/vi_webp/sxLxYxKmIsA/ Frame 8B5C 23 KB
23 KB 29ms
15ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/sxLxYxKmIsA/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sxLxYxKmIsA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c030d8aad3b193c36a4350509774cc420a86bd26b4c1c0a0f6232cdd7ba624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:53:44 GMT
x-content-type-options: nosniff
server: sffe
age: 4135
etag: "1613447069"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23686
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:53:44 GMT

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8B5C 4 KB
2 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:02:40 GMT

GET
H3-Q050 200 dc.js Show response
stats.g.doubleclick.net/ Frame AA2C 45 KB
17 KB 16ms
15ms Script
text/javascript 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4911
date: Fri, 19 Feb 2021 22:40:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 20 Feb 2021 00:40:48 GMT

GET
H3-Q050 200 dc.js Show response
stats.g.doubleclick.net/ Frame 0BEA 45 KB
17 KB 16ms
16ms Script
text/javascript 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4911
date: Fri, 19 Feb 2021 22:40:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 20 Feb 2021 00:40:48 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 8B5C 0
36 B 6ms
5ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?EyVJ4g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/sxLxYxKmIsA
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/sxLxYxKmIsA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 00:02:40 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 4AFA 3 KB
794 B 37ms
10ms Image
image/svg+xml 2600:9000:2182:de00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4770f3dcd578f18a061c8705062bad7e959f3747f5c772749ccff4d63969480f

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:19:44 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:38 GMT
server: AmazonS3
age: 1032177
etag: W/"a1b146ea9ea1303b88095fbaca07491a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
x-amz-meta-hash: a1b146ea9ea1303b88095fbaca07491a
x-amz-cf-id: pmok61Ig5Ahiv2KSzEhMbQQxBU4S4i5dJvAv19AKdJIFWlVwBi0NFw==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 4AFA 593 B
973 B 37ms
9ms Image
image/svg+xml 2600:9000:2182:de00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f026c82d20e24dcaa217ccdc82d8cb03354a04d52d24a3dcf0e01c159684bdd

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 02:28:12 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
last-modified: Wed, 25 Nov 2020 10:21:55 GMT
server: AmazonS3
age: 1114469
etag: "11e845c99b248e12f62f5bfc0346feb1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: DUS51-C1
x-amz-meta-hash: 11e845c99b248e12f62f5bfc0346feb1
content-length: 593
x-amz-cf-id: cl9_SWluIdLurAv-zLagiMqfbqSNd90cwnn0trUaxHKlk0xLGmYWfA==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 4AFA 813 B
1 KB 35ms
10ms Image
image/svg+xml 2600:9000:2182:de00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a884bfd027efb4d6d028140f6af4ee69c0158f184e18c81b5503e90b6c46a313

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 19:40:14 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
last-modified: Wed, 25 Nov 2020 10:20:00 GMT
server: AmazonS3
age: 188547
etag: "95a42c153dde1fd4811492fe7d5fc213"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: DUS51-C1
x-amz-meta-hash: 95a42c153dde1fd4811492fe7d5fc213
content-length: 813
x-amz-cf-id: U9mNsuBEz4OYHJEB1KUuonkykBUMpC4646vs63dZWmt4c9Ek5R0kkg==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 4AFA 1 KB
938 B 34ms
10ms Image
image/svg+xml 2600:9000:2182:de00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c67b269c17240c6a06dc1e095b2e3117bf36707dc5574bce3257a96b89792f82

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 00:46:21 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:06 GMT
server: AmazonS3
age: 1120580
etag: W/"7ae11541fa642c5193d8bd4a14f06f20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
x-amz-meta-hash: 7ae11541fa642c5193d8bd4a14f06f20
x-amz-cf-id: S_B9PDPdPrcPN0NYewHvyGYhpM2Er7Q3rMYTifC6ySJQtjDfiuEACA==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 4AFA 3 KB
793 B 9ms
9ms Image
image/svg+xml 2600:9000:2182:de00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.aad002951cba3dc7bb71.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4770f3dcd578f18a061c8705062bad7e959f3747f5c772749ccff4d63969480f

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:19:44 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:38 GMT
server: AmazonS3
age: 1032179
etag: W/"a1b146ea9ea1303b88095fbaca07491a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
x-amz-meta-hash: a1b146ea9ea1303b88095fbaca07491a
x-amz-cf-id: bB06A4Byzk_xVLY7MkTDHxti1sVoLnOmZ2shCBxiomCcjdci-k7mfQ==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 4AFA 1 KB
937 B 9ms
9ms Image
image/svg+xml 2600:9000:2182:de00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.aad002951cba3dc7bb71.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c67b269c17240c6a06dc1e095b2e3117bf36707dc5574bce3257a96b89792f82

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 00:46:21 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:06 GMT
server: AmazonS3
age: 1120582
etag: W/"7ae11541fa642c5193d8bd4a14f06f20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
x-amz-meta-hash: 7ae11541fa642c5193d8bd4a14f06f20
x-amz-cf-id: A7WGa51lIpyj_LJ44gJzLO0xsco2-rkkqshfHIBNnq_Qck17xje1UA==

GET
H2 200 protobuf-handler.8af4c04ea75a28c1d98a.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4AFA 122 KB
27 KB 25ms
24ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/protobuf-handler.8af4c04ea75a28c1d98a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.7880b9e1fee66fb3cc15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-59.dus51.r.cloudfront.net

Software

tv /

Resource Hash

772e2829664d6a5ecd75824c63e6491160e5b7e207b09a79b9e9168bfc218e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 23:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346423
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Feb 2021 10:10:15 GMT
server: tv
etag: W/"602a4887-6857"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: N7NWaghTbxgaP2kk2iaEy1pOuTZzcNHzrPiwiO3Q-tzz2tPCrHAyVA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8B5C 28 B
287 B 19ms
19ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/sxLxYxKmIsA
X-YouTube-Client-Version: 1.20210217.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtOWEVLblJOUkJidyifo8GBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613779359837&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image&bid=ANyPxKp78sIauKgDQeEGqAB_e4lh26nO1lZYs5j6c_ldcphImx1KUo7G0WfFcAf0EHEPVNXP-rf9cXSbODoTxzWS9HjpAn9HzA

Response headers

date: Sat, 20 Feb 2021 00:02:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 20 Feb 2021 00:02:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sp.rmbl.ws
URL: https://sp.rmbl.ws/s8/2/V/m/S/z/VmSzb.caa.1.mp4?u=0&b=0

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1970-01-19 16:16:27	Name: __cflb Value: 04dToerZmTfQcfwEHt8ULGdndf17BZ47wG8rJByCTH
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
.beforeitsnews.com/	1970-01-19 16:59:31	Name: __cfduid Value: d98f762e447e5bd5ce24ef779ed475a021613779357

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	(Line 1) Message: [Web Cached] Loaded time: 0.00216s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211200(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211200(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.beforeitsnews.com
ajax.cloudflare.com
amg-news.com
ams.creativecdn.com
beforeitsnews.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
drcharlieward.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgflip.com
i.rmbl.ws
i.ytimg.com
imasdk.googleapis.com
img.beforeitsnews.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
justusaknight.files.wordpress.com
l.sharethis.com
lockerdome.com
match.adsrvr.org
media.breitbart.com
pagead2.googlesyndication.com
pixel.advertising.com
platform-api.sharethis.com
px.adhigh.net
rddywd.com
rumble.com
s-img.mgid.com
s.tradingview.com
s0.2mdn.net
s3-symbol-logo.tradingview.com
s3.tradingview.com
secure-assets.rubiconproject.com
servicer.mgid.com
sonsoflibertymedia.com
sp.rmbl.ws
static-3.bitchute.com
static.doubleclick.net
stats.g.doubleclick.net
token.rubiconproject.com
translate.google.com
translate.googleapis.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
sp.rmbl.ws
104.154.142.214
104.16.199.73
104.18.64.15
104.19.133.78
104.19.217.61
13.226.159.59
13.226.159.65
134.209.168.228
151.139.128.11
151.139.242.29
169.55.146.12
185.184.8.30
185.59.220.196
192.0.72.22
193.232.148.148
216.58.212.162
23.37.42.132
2600:9000:2182:0:1c:8a07:5e80:93a1
2600:9000:2182:4800:c:abe:f440:93a1
2600:9000:2182:5c00:c:a9b7:ddc0:93a1
2600:9000:2182:de00:1f:2f70:3e80:93a1
2606:4700:10::6816:4a8a
2606:4700:20::ac43:4528
2606:4700:3031::ac43:a025
2606:4700:3036::ac43:8a2c
2606:4700::6810:a723
2606:4700::6812:e234
2a00:1450:4001:800::200a
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200e
2a00:1450:400c:c07::9a
2a00:1450:400c:c07::9b
3.124.48.224
3.126.56.137
35.156.106.231
35.156.245.144
35.241.35.213
52.50.156.162
64.62.227.5
69.173.144.139
89.40.36.137
93.184.221.168
015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126
03d6ec8a76d3a9db9c6fba92a0d3da571a977b4707467dc5e7e4c2c5cfe4f2bb
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
06d6281586cc20dcfdd22a941a99f03827c9b93e3093e8ded84b5f094fbf130b
0abbfaaab7aff367ebd495294f98954f04c909b80157b8209052a09428a05a7c
0ca6a1deffca1b5641230245a8f4449da068519b436c439368f6dd8fd33a9c61
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
121cb1fb120cf0c70971e0f5640cb14c17312a8ab0a107ad2630c2a8215c1037
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
148ef126484c19d7656765bd31924aca3c2515a68b6e2e0dc70abd06e4e47d8f
163cc5bd0a3f3045ee6d4f046ad35361f6a74f4a00710349ca53a224ac7b3909
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
214bd19f84736350c3964ba1967229ff51ca2f46bccfbf7dfc5e661977bb37f4
214f4dfa46fa3332319a25096f499e734e2ff5acdfddf37c4313e7f0f7c9d003
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
2812b5871e2eb8b88106d7c764dd455a05f541a5dc56d6338b0ce912cdef09e3
28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120
2a7166a9bf611075509f6daab98e6c808afc3316c14f4bfe1459b5bea17aca24
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2cb2ad3aa47f82faab1723bdd80987a6d6d9d255ecbadde0ecfba2eb3e820841
2de1ce0f166938e7fe472bb4badf07840996f00f5952af5f197aadab8ce0cd0e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
310eaeee814d79e97a48c1859c4d0187ffc24b92fec8f2b7a190b56448f776d5
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
35c030d8aad3b193c36a4350509774cc420a86bd26b4c1c0a0f6232cdd7ba624
3762acb9f8b2573268fd4be36fe6e0258152e7f6430a88874483fe8ea6d3339d
3ea6931d41dff60efe83187d7c547a5b70422bf390ad5265b73e5be9c3623db6
3f026c82d20e24dcaa217ccdc82d8cb03354a04d52d24a3dcf0e01c159684bdd
414d8b428bdb05db9e520b23c7855cb14d5eee21007b4492d7f151f46ffd0f3a
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
4270958138ed79092adee3dd90ca32c03d921e5ce3df9b548e983599dacb3d94
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635
470955ca36f06efb5514e47f9cc7bfc0d912bb7082523101fb6c4c6aac4e5e2d
4770f3dcd578f18a061c8705062bad7e959f3747f5c772749ccff4d63969480f
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
494b1701051e03edb54f427a94d71ff944e81ef2698206d60a8cdab0cdd6b9c7
4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e664d73f0b2ae548ab50a11725153d9eaf1ca55a0bdf1076ee915cc6e20ac06
4f3e7874d693e811660a3f3015f0784629f49e7835ff364f51fae2851ed9cedb
4fb766d6d2c9ffd693f9f83bd6f18b7a55804e2ad8bc81733404686acc3b2c5b
5038965e95ed824e89ea7ee877f18207326aa69e0aa5feef1cb962a75159ca2f
505864f9436def05580211dd30d70e6c5dfd59b7c3b65a900687004174e25975
53c27b51fbe75ac10fa50e1d74506eb92c2ba81014abeee79042db03ed06a64f
546f51b3ea22ede0d5ed26f7686f15bdbd300c066497554511de916b813437ed
5c5a22c704da51d236b29ae32a979a1a8f06969896795c03807774f6de684507
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
5fe96f43fb9fd696e1c1b25524fd5fb0fd0e43d91a2f4f48830719c688f1988e
609c63905a53fb868987279daf5a76db62719062bc497e07db3b6866ec531e56
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61892e5d7ead63a82575f9f2c5e0ae521cc6e81f63b695fbf0aeb8ecf753cdea
61897b67e4ea870cfd90b2ec505005298f8e319b15f695547628a5e4635adac1
62bae2f11f397b39af63c75f4da1433ad10287edceecd079ae8a40e4b820d129
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63763792847452282ff1fc0dc410b41e8d96f037ff1ee8d65f09eb0144ec697a
63b9449a2351ba42eb5d2d76502bcfd91e33d7097d9111fd332352605a1acb58
657edadec294d875e1501656cfbc7cfdfe1f7ff09a7002f827a7c95e30fb216f
65b7922d33e18f00370ed37ed20764fd8103dd882f0bc5310ab20225e63f9e88
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6bff00389d65162861fa21d7d3a888b52bec76ade6a9aadb79177c50bb1b0869
6cdd9ff0d35d7ccf8e2092985f761c9a06fc2126fd3caceed43adfac938a1a83
6d17b23bd085ec78f7c0b3b32343d0326e59a88f523931d3af6d2c95fbb92bf1
6f14d4508ddbfe25b151fddba29a909d1360f3a94d58473d7e8c2f42fd33fa21
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
714dcf635dffa58c9c90a7b16a57ac37ad1876da2bc6c56feec33e8090cf9990
724d7b74367497bb10c46d55c5490246031ae83559b82b20d6199508674b8202
73c5ad061e90163522a3082f2c29b69242934fd6e4890bdf96aaf52915619fa5
7420d970218c4155462ac0e7e641bdcf2364899a2daa218c94d0519ad246602a
742d6179dde47a9a8361a204a46ae6164360817a57506ec876463d5e62f3c4af
745681472b16f5879d50329db19a8cb4f23766b3a2cebfcc48a420b872bd1010
772e2829664d6a5ecd75824c63e6491160e5b7e207b09a79b9e9168bfc218e86
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7a979ff21bbd64e4f4bc14aca5abb13d4aa6748c90cb33ccd7cb41475ff0f362
7c2e8c9cfe1f294ff2a3b5257f22d63289072426eebdd418524b46923fc93d09
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
801363bedbfce205fbda10b1bd4528cdadbcdfa13318556056cf05d865520b04
801dc4d2aa92b54f8e4e16a64204cc46ce6607fed9433e25f7aa11167965c0e8
80816db50cd38c547b3d4f0dc1852002ccbde66ea4c3b802368825b43448f689
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549577feb74cd2da95df59938e46035c4b56954c8db1971c7c5a43b5c6f8574
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8748c3f093e179a97bd9638f355e43b9e8814a1bcd31b26916d0f4ea454d4f47
88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42
8bd559dad13382260ef019f6a0807b9dd746bd6738a93bcbc77929041e0bb5f7
8c4f48f8e70771e127127f49ee2b9e73e0e03e03e93adb2852cc6b5d31e696d9
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
911410ce3a1a88fabd28f3ebe1680eb8d49273bfd7c750c347c8c12539ddcbcb
98833ce9d996f54d74e707ae9e4d032b97cf303333db38e1938435315bd16f38
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a21673f00fccd26d92e98e537e3456db760e6e38822723a32fc2be8d59e1c14b
a5805ef2d343fa6e0f7897271b265c68b908bfd72b12eb1e6edc0e88a1ad940c
a58df31c600dfdedd12125df9b9d31a20c3e8c69b8d6e95b8341eade909b098c
a69fbfbc9279160579b8728c24a0170fa7b184e776777d4bc8e6681f3c7f5efa
a884bfd027efb4d6d028140f6af4ee69c0158f184e18c81b5503e90b6c46a313
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa306ecfe02da51caefa05cfeaa1e5dd19e2a28df63a2a17e0c543261b7873fc
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
af54c50c8c81bb5de6f8460e58f66372a414cf89628038ef7afc9dd3f49bf50e
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b15122376837b963a97e89461a7f11c7565ae51f578d3c6486f852ab3064ce7f
b254a0605664472bde6f059776da3ef51af099f74b74afbf7b6c05887607037c
b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25
b35edc255b6a247b77e5542dd6d224bebb82f941fa4a20db04aeb77bf96f8a2c
b61ef6b2eab73ab609094bad771535be430387ff3c75bb72bb399acb236953a2
b6c6ca14cc3b71344f97058c71b2ef5c957710237df46edac95b38effce51817
b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08
b8be02f206a5e7fe2a034fbc8e3171abee2cd63f876f7230373155c95ef6ae1e
b93dfa09e2344b922b56ca85b3444affeeec2dfaa73b207a8da353057313eb24
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bb7e9dcf46c3e28648a9eefe825726629633a1ca87f1a040c310dc3a28ea6cc1
bc9660d7ac46301f011dd70e699141c6a69b3f206a4283c3dceb385dd5b52655
bea70fcd4c0954924c88066a977af45b72b483837eec9b7d08c650c4cccef335
c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01
c3fdb2a32b2368e2c4f64b51783a43bbc013be19ed8133ec8a1c3295948c5c27
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
c42f614b6a7df13ef48bc8e98fef0ffaa467b24af7df44654362357bb23cd08c
c4a050ca2e2de2492b659f1f4fbbe9a5169119ed7191ff51563fafda12db6f95
c67b269c17240c6a06dc1e095b2e3117bf36707dc5574bce3257a96b89792f82
c8a3a8998456680357127ef5b8b14e940b671ea39dd82f03f1c49c514631f9c7
c9878dd957f48d334a326be363d7eefe2eb9a79f2d7d34763e44598e42e18cf8
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cc4db94841511445818e558374e732933e5cebc46c92118928d56126cad8d142
cc72c12855f4a120e4b586dcc7b589ec2691fb300fdf362f413b9945c82dab5d
cf18c7a4f21df2eba5bae0a708b8007e4cd2775afbe80388a904f573735e8ed1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d104b9b05add8375198f31bd85adf0df17b6d70d348734d41aa4b71ae0567765
d1056a55e9ab2d7fa0b30ceac60db996ff097511a3a72befa8b2b1b99bb8c8d4
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d34406e9ebdf7d7296fc2fcbd92cf41667a22de498daf47dc839317498c823d2
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
d6f51b41d8e7c24e26ba17cc31cd59614a9a62f669fffd9aac8536e80b0a771e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7fee305e00cdf2564b19f2ce784e9b7ea43e2f0d31b974f2a3573b1b72ffca5
d9739c96b42fe1e9b56dfa9f8ed993d3c0b9b411c44293c3eb938f793403dfc7
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de70f32e882dd91cf22db419cb671815b11636ea1adefcf5b9735850a684b61e
e345937ea807c982b1b3e7068909ac278677eaeb48949fa6649b77af379ebd0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7619746f6490749626842ab49718b1dd431510d90b13b474f80685e206a5f84
e85c96975ada9e742e0c39ae4514eca0002dd691af8bc9985b520075448eb3de
ea3824e6cde98cd10278f531e8dfc2568b1bd922299dc24a75c3e4b90a8e0048
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5b36ccbdec33b7bce73a0ecd576dce20937cedf180223bd4eb52e5a8168a46
f3b2f3421826463567e3bec3fa9874849ea143c7cbb59355f758a69e211f350a
f50c53e0d96300d7a6c66b9b337b3435531fdef0a2763d4cdd7c973e1df35efa
f54f5520fff3867ff9afe8c1f9ce56f228704e69cb49c254657f9f2db04c0ad3
f874e49abe428aded3ba65afd474956e72fed4fe833781b904c97f41dd71b2ce
f9f83cfa320dbb77a5eb1ef21940cf051f2c54dce20eb87cf2891411581446a3
fdbd1eb459cc3afe33f1a009acd8b3dc10faf7abffbdb86af951ad89a5eb86f9
ff90a7645bd6b34292930e3c5e85313feabe1b2a40783b58d09fa238fd05d702

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4a8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

99 %HTTPS

57 %IPv6

42 Domains

65 Subdomains

58 IPs

8 Countries

17583 kBTransfer

22508 kBSize

3 Cookies

28 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

99 %
HTTPS

57 %
IPv6

42
Domains

65
Subdomains

58
IPs

8
Countries

17583 kB
Transfer

22508 kB
Size

3
Cookies

208 HTTP transactions
2 data transactions