beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission: On October 18 via api (October 18th 2021, 3:39:07 pm UTC) from QA — Scanned from DE

Summary HTTP 161 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 41 IPs in 9 countries across 40 domains to perform 161 HTTP transactions. The main IP is 2606:4700:10::ac43:e6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2606:4700:10:... 2606:4700:10::ac43:e6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.71.13 65.9.71.13	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
23	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:4e23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
7	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	85.214.112.89 85.214.112.89	6724 (STRATO ST...) (STRATO STRATO AG)
2	2606:4700:303... 2606:4700:3036::ac43:d037	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:eb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	209.58.165.79 209.58.165.79	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2	89.40.36.137 89.40.36.137	50939 (SPACE-AS) (SPACE-AS)
2	2606:4700:303... 2606:4700:3035::6815:4e2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:4c32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:e17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	64.27.55.138 64.27.55.138	30475 (WEHOSTWEB...) (WEHOSTWEBSITES-COM)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	104.22.74.138 104.22.74.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	65.9.71.88 65.9.71.88	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
11	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1 3	13.35.253.71 13.35.253.71	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5 5	3.123.82.137 3.123.82.137	16509 (AMAZON-02) (AMAZON-02)
1	5.135.97.203 5.135.97.203	16276 (OVH) (OVH)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1 1	87.98.128.108 87.98.128.108	16276 (OVH) (OVH)
2 2	18.192.92.12 18.192.92.12	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
19	2600:9000:205... 2600:9000:2057:c000:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
161	41

33 2606:4700:10::ac43:e6e (United States)

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.71.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:4e23 (United States)

ASN13335 (CLOUDFLARENET, US)

calabeshes.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.255.14 (United States)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.214.112.89 (Berlin, Germany)

ASN6724 (STRATO STRATO AG, DE)
PTR: h2946827.stratoserver.net

robscholtemuseum.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:d037 (United States)

ASN13335 (CLOUDFLARENET, US)

thewashingtonstandard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:eb9 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.58.165.79 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: opal2.opalstack.com

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.40.36.137 (Romania)

ASN50939 (SPACE-AS, RO)
PTR: amg-news.com

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:4e2a (United States)

ASN13335 (CLOUDFLARENET, US)

www.henrymakow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4c32 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mydailyinformer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e17 (United States)

ASN13335 (CLOUDFLARENET, US)

theconservativetreehouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.27.55.138 (Denver, United States) 1 redirects

ASN30475 (WEHOSTWEBSITES-COM, US)
PTR: savethemales.ca

henrymakow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.74.138 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.71.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.71 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-71.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.123.82.137 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-82-137.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.97.203 (France)

ASN16276 (OVH, FR)

dispatcher.adxcore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.128.108 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip108.ip-87-98-128.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.92.12 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-92-12.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:2057:c000:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	450 KB
34	beforeitsnews.com beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com	570 KB
29	tradingview.com s3.tradingview.com s.tradingview.com s3-symbol-logo.tradingview.com	264 KB
7	rmbl.ws sp.rmbl.ws	959 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	bitchute.com static-3.bitchute.com	184 KB
5	imgflip.com i.imgflip.com	380 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	6 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	google-analytics.com www.google-analytics.com	39 KB
3	henrymakow.com 1 redirects www.henrymakow.com henrymakow.com	129 KB
3	tapnewswire.com tapnewswire.com	29 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	adsrvr.org 2 redirects match.adsrvr.org	907 B
2	360yield.com 2 redirects ad.360yield.com	614 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	757 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	rddywd.com rddywd.com	1 KB
2	amg-news.com amg-news.com	579 KB
2	thewashingtonstandard.com thewashingtonstandard.com	70 KB
2	youtube.com img.youtube.com	89 KB
2	wp.com i2.wp.com i0.wp.com	83 KB
2	googletagmanager.com www.googletagmanager.com	76 KB
2	googleapis.com fonts.googleapis.com www.googleapis.com	1 KB
1	google.de www.google.de	501 B
1	google.com www.google.com	501 B
1	idealmedia.io cm.idealmedia.io	413 B
1	erne.co 1 redirects green.erne.co	297 B
1	adxcore.com dispatcher.adxcore.com	260 B
1	lentainform.com cm.lentainform.com	495 B
1	adtelligent.com s.adtelligent.com sync.adtelligent.com Failed	885 B
1	googlesyndication.com pagead2.googlesyndication.com	51 KB
1	theconservativetreehouse.com theconservativetreehouse.com	281 KB
1	mydailyinformer.com www.mydailyinformer.com	17 KB
1	jamesredpillsamerica.com jamesredpillsamerica.com	886 KB
1	robscholtemuseum.nl robscholtemuseum.nl	5 MB
1	calabeshes.xyz calabeshes.xyz	42 KB
1	ytimg.com i.ytimg.com	17 KB
0	e-volution.ai Failed sync.e-volution.ai Failed
161	40

	Domain	Requested by
19	s3-symbol-logo.tradingview.com	beforeitsnews.com
17	beforeitsnews.com	beforeitsnews.com
16	img.beforeitsnews.com	beforeitsnews.com
11	s-img.mgid.com	beforeitsnews.com jsc.mgid.com
9	s.tradingview.com	s3.tradingview.com s.tradingview.com
8	cm.mgid.com	jsc.mgid.com beforeitsnews.com
7	sp.rmbl.ws	beforeitsnews.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
5	x.bidswitch.net	5 redirects
5	static-3.bitchute.com	beforeitsnews.com
5	i.imgflip.com	beforeitsnews.com
4	c.mgid.com	jsc.mgid.com beforeitsnews.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com beforeitsnews.com
3	servicer.mgid.com	jsc.mgid.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	tapnewswire.com	beforeitsnews.com
3	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com
2	match.adsrvr.org	2 redirects
2	ad.360yield.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	creativecdn.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	cdn.mgid.com	beforeitsnews.com
2	rddywd.com	beforeitsnews.com
2	www.henrymakow.com	beforeitsnews.com
2	amg-news.com	beforeitsnews.com
2	thewashingtonstandard.com	beforeitsnews.com
2	img.youtube.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com s.tradingview.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	www.google.de	beforeitsnews.com
1	www.google.com	beforeitsnews.com
1	cm.idealmedia.io	beforeitsnews.com
1	green.erne.co	1 redirects
1	dispatcher.adxcore.com	beforeitsnews.com
1	cm.lentainform.com	beforeitsnews.com
1	secure-assets.rubiconproject.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	henrymakow.com	1 redirects
1	theconservativetreehouse.com	beforeitsnews.com
1	www.mydailyinformer.com	beforeitsnews.com
1	jamesredpillsamerica.com	beforeitsnews.com
1	i0.wp.com	beforeitsnews.com
1	robscholtemuseum.nl	beforeitsnews.com
1	i2.wp.com	beforeitsnews.com
1	calabeshes.xyz	beforeitsnews.com
1	i.ytimg.com	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
0	sync.adtelligent.com Failed	s.adtelligent.com
0	sync.e-volution.ai Failed	beforeitsnews.com
161	57

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
forum.beforeitsnews.com
www.youtube.com
widgets.mgid.com
www.mgid.com
brainberries.co
telegram.org
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.tradingview.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
static-3.bitchute.com R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
sp.rmbl.ws R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
robscholtemuseum.nl R3	`2021-10-13` - `2022-01-11`	3 months	crt.sh
tapnewswire.com R3	`2021-08-14` - `2021-11-12`	3 months	crt.sh
amg-news.com R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.adxcore.com Gandi Standard SSL CA 2	`2021-01-23` - `2022-01-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 8 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 8872E9F90DF2C954E32D3E866EE74479
Requests: 116 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202191815
Frame ID: AF08417EDCA3CBBBF7C51018AF9A56B4
Requests: 6 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202191815
Frame ID: F2734CCFF89D7294F1B7E500714FE27A
Requests: 3 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 2242226ADCE4FD2BF3B5DF43A4192F68
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: 6041D7B47CD21DBAF434616BFAD5A741
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1634571541327388557190
Frame ID: 914031E7F56B6A3C8BE8E2D29FFD3CB2
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 1967F666C3EC192A057718D7ABF135D5
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 845BCB573C133C6075A0D1BC370E15ED
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Advert Stream (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:ad\.advertstream\.com|adxcore\.com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

161
Requests

99 %
HTTPS

44 %
IPv6

40
Domains

57
Subdomains

41
IPs

9
Countries

9982 kB
Transfer

11890 kB
Size

31
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/6-the-most-addicting-korean-dramas-to-watch-in-2021/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/travel/5-worlds-most-bizarre-theme-parks/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/top-10-most-romantic-nations-in-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/8-deadliest-sci-fi-monsters/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/best-and-worst-video-games-featuring-celebrities/

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/top-8-greatest-female-led-horror-movies/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://henrymakow.com/upload_images/Screenshot_20210914-184255.png HTTP 301
https://www.henrymakow.com/upload_images/Screenshot_20210914-184255.png

Request Chain 118

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlpMXlZWTZNWEQ4&muidn=l9i1yYY6MXD8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlpMXlZWTZNWEQ4&muidn=l9i1yYY6MXD8&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=l9i1yYY6MXD8&google_ula={guid},5&google_gid=CAESEDHclKnRqsocyMP3sPAj9xI&google_cver=1

Request Chain 121

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=rRckaIXmjR8YgjXTxILw&pi=mgid&tc=1

Request Chain 122

https://x.bidswitch.net/sync?dsp_id=303&user_id=l9i1yYY6MXD8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l9i1yYY6MXD8 HTTP 302
https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0

Request Chain 123

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=35794855-d96a-4e98-9ec9-a51218c70850

Request Chain 124

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=X1SY9OlUnYBkTPRf3PsnXqwr&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0&gdpr=&gdpr_consent=&us_privacy=

Request Chain 125

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=7741f530-7f52-4553-ac46-e67967e16140

Request Chain 127

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=8450db5b-6953-4a7f-af28-5401467ce567&ttl=1637163541

Request Chain 137

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634571541756&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634571541756&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

161 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 121 KB
24 KB 885ms
626ms Document
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47716fce1f9fd5f0a8f6718e039b86677d4b50b0e891960eb3a416f31d699d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6a02db53ab6b5c98-FRA
access-control-allow-origin: *
cache-control: private
set-cookie: SERVERID=s3; path=/ __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud; SameSite=Lax; path=/; expires=Mon, 18-Oct-21 17:56:58 GMT; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 _KRSshvvWcFjj8eVhUL7TTu75W0.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 46ms
44ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11796365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: K522D3R0RH0204P8
x-amz-id-2: asuqKPIQP/RST6NJ+S20Sw1PTYqLIM9dgZlD6+5N2El6vJsSdDsTDZBoA0aoi2ufLwyrsyk0Zao=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7f176f4cc71059e93db3ae6263ce5c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iruw_GjpCNwc.7p7jDS427AkLHWsll2i
cf-ray: 6a02db57bcb45c98-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 139ms
47ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 15:38:59 GMT
server: ESF
date: Mon, 18 Oct 2021 15:38:59 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 15:38:59 GMT

GET
H2 200 global-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 15 KB
4 KB 52ms
51ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/global-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 361622
cf-polished: origSize=15789
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-3dad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6a02db57bcb65c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 fancybox-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 73ms
72ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/fancybox-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 361622
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6a02db57bcb85c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 home-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 28 KB
7 KB 57ms
56ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/home-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 361594
cf-polished: origSize=29134
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-71ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6a02db57bcba5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:12:25 GMT

GET
H2 200 responsive-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 65ms
63ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/responsive-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 361622
cf-polished: origSize=20565
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-5055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6a02db57bcbd5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 web-responsive-bin-rev-20211014.css
beforeitsnews.com/static/css-v3/ 371 B
240 B 119ms
118ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20211014.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/web-responsive-bin-rev-20211014.css
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 361622
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:11:07 GMT
server: cloudflare
etag: W/"6168104b-173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6a02db57bcbe5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 62ms
61ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jquery-fancybox-mobiledetect-uuid.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2112708
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6a02db57bcbf5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 01 Oct 2021 04:47:11 GMT

GET
H2 200 global-bin-rev-20211014.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 85ms
84ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20211014.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/global-bin-rev-20211014.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 361622
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:29 GMT
server: cloudflare
etag: W/"61681025-3145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6a02db57bcc05c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:57 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 103ms
57ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 649407
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 03:15:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db58ef485c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 177ms
87ms Script
text/javascript 65.9.71.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 12:44:28 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
last-modified: Mon, 18 Oct 2021 12:44:14 GMT
server: AmazonS3
age: 10472
etag: "21900f307f22135fe5dafa6a070e7222"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10981
x-amz-cf-id: ppvwBf3LMy0YXi6bYHJ2plg7pqMVq8GQ4t7TMoBkonZ3vOCV4WyyuA==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 142ms
96ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 651443
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 02:41:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db58ef4b5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
201 B 102ms
57ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 649913
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 03:07:05 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db58ef4e5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/U-5QdqQD4hM/ 17 KB
17 KB 151ms
52ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/U-5QdqQD4hM/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69716545aba05a755d476ec6a36e722d1fc7721919a92208bcc2d9c91a9f30eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17334
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Oct 2021 17:38:59 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 439ms
237ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcdeba1327e2ca6c4036196139860e90d5068ea9fcdac39dd2547d6f68a129ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 22B4KKCRJAQ24M0Q
last-modified: Wed, 08 Sep 2021 08:32:54 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: 5fMotxi4BFpXVxK0aotLTsKWHR4zkKT1xFhCB8M2WD+PrnMyU3hmkln3zmr/OQpF4Z8re/FkNLI=
cf-bgj: minify
server: cloudflare
etag: W/"777c176b4db82b5ef7572b3d4bdd5196"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6a02db59ed1768e9-FRA
expires: Mon, 18 Oct 2021 18:38:59 GMT

GET
H2 200 tabs-bin-rev-20211014.js Show response
beforeitsnews.com/static/js-v3/ 148 B
578 B 66ms
66ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20211014.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/tabs-bin-rev-20211014.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 361621
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:33 GMT
server: cloudflare
etag: W/"61681029-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6a02db586e335c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:58 GMT

GET
H2 200 12098 Show response
calabeshes.xyz/easylist/ 203 KB
42 KB 296ms
153ms Script
text/javascript 2606:4700:3035::6815:4e23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://calabeshes.xyz/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4e23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c25fca1140d087523610532cdad4ce938c392c31075f17da6acc1316b8c7353

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0a5704186e23d74c32efffb0ee29abb7d9ded6b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FJ1xK4plFoZtj2v2C4UVx8P3x59A4rOJ7eoDEwnL6gXEklJ7E5%2F4EWc7pND79ty8l2gU6rMoxSgl0CsKPVSFXAjSJqbac6jepnbGXMG98zZMVf6L0FpMf7TmMnfNzKhVmNzLR4Bwnjo%2BA9itw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 6a02db5989a3702e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 152ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e84cc2231ac5774450198a051d5f72248bd71951109a18e7bca8fcc4aed6145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38622
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 15:17:30 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Oct 2021 15:38:59 GMT

GET
H2 200 jsDeferParsing-bin-rev-20211014.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
1 KB 109ms
108ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211014.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jsDeferParsing-bin-rev-20211014.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 361621
cf-polished: origSize=6188
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:31 GMT
server: cloudflare
etag: W/"61681027-182c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 6a02db588e895c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 11:11:58 GMT

GET
H2 200 DN2ljmq1lJUOI91HMatC4Qo4fdo.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 97ms
96ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3071062
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MSMS6XT6HFAS2SRM
x-amz-id-2: DdIxAUr/6USuzdT+5PVX1fN+Ikx6+MO0MlPzwe3pqksXtgBdsm8Qm8WPvHjaOlY26ODca6CTx1w=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7a6e84d6417ab337f05fd7000f282762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: aBVNeaiVU3H7gys1mI2xPATDTQBfk7Cv
cf-ray: 6a02db58aeaf5c98-FRA

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
282 B 97ms
97ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/top-bg.png
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 651429
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 02:41:50 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6a02db58aeb55c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
917 B 95ms
94ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/b4in/search.png
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1294526
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 03 Oct 2022 16:03:33 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6a02db58aeb85c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ 16 KB
16 KB 197ms
99ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:16:39 GMT
x-content-type-options: nosniff
age: 102140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16364
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 17 Oct 2022 11:16:39 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v9/ 15 KB
15 KB 141ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 14:39:19 GMT
x-content-type-options: nosniff
age: 89980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15124
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:18:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Oct 2022 14:39:19 GMT

GET
H2 200 5qv9v1.jpg
i.imgflip.com/ 68 KB
69 KB 238ms
102ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5qv9v1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932a28ed9956d4c57ae12d1ecb314501e2963d5efd56d868c8e09cb5b328b179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cf-cache-status: HIT
age: 8027
cf-polished: origSize=71083
cf-ray: 6a02db59c8625be5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70068
x-amz-id-2: +bhiiM+PhJP0PoMJ0dGMPxCuPZLXUOSECtgw1/KM30Gr97XwnSFGth2v1v/unp1cPEviHe6TE/M=
last-modified: Mon, 18 Oct 2021 13:18:38 GMT
server: cloudflare
etag: "b25943eb143780ba09f1df8ab4815d06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6QBDMEZAYQPVV4CZ
access-control-allow-origin: *
expires: Thu, 16 Oct 2031 15:38:59 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 EX%20PFIZER1.jpg
img.beforeitsnews.com/contributor/upload/819011/images/ 16 KB
16 KB 223ms
222ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/EX%20PFIZER1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f5c1206d5c3cd3c6de43010d7ba3ce8503fcd4cc0d084610d175e86f799a81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 41759
cf-polished: origSize=26642, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16009
last-modified: Mon, 18 Oct 2021 03:46:37 GMT
server: cloudflare
etag: "616cee1d-6812"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 18 Oct 2022 03:51:00 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db58ff5e5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5qrkr4.jpg
i.imgflip.com/ 77 KB
77 KB 416ms
280ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5qrkr4.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d113418452ed85d3bf44738f1d27ce4e7f3ddb53a8896651c7cb61b2a9e74530

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cf-cache-status: HIT
age: 89302
cf-polished: origSize=78722
cf-ray: 6a02db59c8645be5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78386
x-amz-id-2: U3drPTV6jGUIIm4vJvg+2FZbwNn/HXM32LTe4zJs3wGC4FUrQBdlMFGRkCHvp2xP92S3ZjNvmA4=
last-modified: Sun, 17 Oct 2021 14:49:21 GMT
server: cloudflare
etag: "ebcae702e8d8dc3f8aa46227ef23c005"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 1PGS0RGC5AZ6VEQM
access-control-allow-origin: *
expires: Thu, 16 Oct 2031 15:38:59 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 xIWk2AiHW9Ok_640x360.jpg
static-3.bitchute.com/live/cover_images/bAJrSIM9Az6Z/ 29 KB
29 KB 392ms
259ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/bAJrSIM9Az6Z/xIWk2AiHW9Ok_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

4d8c81478cecda6e5cf31c1495cb90b02f5f68159cc843376757e4eac22b3480

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cdn-edgestorageid: 752
age: 0
cdn-cachedat: 10/17/2021 03:23:29
cdn-pullzone: 89010
content-length: 29275
x-amz-request-id: tx000000000000002f40548-00616b7b11-8058b93-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-713
last-modified: Sun, 17 Oct 2021 01:09:43 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: a0f4b1fb74b3541f2ac4de7bc2f1b828
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 R077e2f0157bc0c25fa4a22a7c3d0b0a4.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 33 KB
33 KB 253ms
252ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R077e2f0157bc0c25fa4a22a7c3d0b0a4.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e0f9ea53ecda9b123dac13a3960ce2c5d8e25f55beab68fa871e750dfd1e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 58397
cf-polished: origSize=36785, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33682
last-modified: Tue, 18 May 2021 21:51:16 GMT
server: cloudflare
etag: "60a436d4-8fb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 15 Oct 2022 11:19:28 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db594fff5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Q8UAH7lcBGll_640x360.jpg
static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/ 41 KB
42 KB 248ms
135ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/Q8UAH7lcBGll_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

380da9318f07656019ae99b866979ad4c7c7cffa0d8e6dd9426275df6d30b642

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 10/18/2021 05:44:28
cdn-pullzone: 89010
content-length: 42015
x-amz-request-id: tx00000000000000309f2e0-00616ced9c-82ef209-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-713
last-modified: Mon, 18 Oct 2021 03:39:10 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 96f651d0f5f5c8cd28fa57017c21088e
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pN-yc.UQ4e-small-Ep.-2603b-All-Eyes-Are-Now-.jpg
sp.rmbl.ws/s8/1/p/N/-/y/ 199 KB
199 KB 917ms
581ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/p/N/-/y/pN-yc.UQ4e-small-Ep.-2603b-All-Eyes-Are-Now-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ca268a9549055c6c88e3991bda47a937a23378ed7957c621942337dd03b4cf11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
last-modified: Sun, 17 Oct 2021 22:07:03 GMT
etag: "b1170aa207f994b1e655b36ed82563aa"
x-hw: 1634571539.cds135.fr8.hn,1634571539.cds242.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=23779
accept-ranges: bytes
content-length: 203295

GET
H2 200 Trump-babies-Cabal.png
i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/ 38 KB
39 KB 526ms
91ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png?w=640&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 18 Oct 2021 15:38:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 16:06:15 GMT
server: nginx
etag: "faf3481fc6687853"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png>; rel="canonical"
content-length: 39300
expires: Sun, 26 Feb 2023 04:06:15 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/LkJXJ_YxG28/ 45 KB
46 KB 283ms
134ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/LkJXJ_YxG28/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc55fc97436606d6bb9e709e0c5bfb0500c0af309c0e9e8d823f3d40f0b92bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:15:44 GMT
x-content-type-options: nosniff
age: 1395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46354
x-xss-protection: 0
server: sffe
etag: "1632368233"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Oct 2021 17:15:44 GMT

GET
H/1.1 200
OK Hydra-foto-Giphy.gif
robscholtemuseum.nl/wp-content/uploads/2021/10/ 5 MB
5 MB 407ms
50ms Image
image/gif 85.214.112.89
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robscholtemuseum.nl/wp-content/uploads/2021/10/Hydra-foto-Giphy.gif
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.214.112.89 Berlin, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2946827.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 0794d23c19ced878a27dc3e2585613266ff84bbe9ec073274fd8edfc157926f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 15:38:59 GMT
Last-Modified: Mon, 18 Oct 2021 05:29:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "49a49f-5ce99d45bd157"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4826271

GET
H2 200 image-150.png
i0.wp.com/theexpose.uk/wp-content/uploads/2021/10/ 44 KB
44 KB 213ms
36ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/theexpose.uk/wp-content/uploads/2021/10/image-150.png?resize=639%2C129&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

72627ff2facf83bb7a03434a571d4741d9beba2085c3ccc2c1492120e84d33f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 18 Oct 2021 15:38:59 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Oct 2021 05:55:40 GMT
server: nginx
etag: "06cef1fea9ca7dce"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://theexpose.uk/wp-content/uploads/2021/10/image-150.png>; rel="canonical"
content-length: 44740
expires: Sun, 15 Oct 2023 17:55:40 GMT

GET
H2 200 download%20(1)087.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 27 KB
27 KB 235ms
234ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/download%20(1)087.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5819736b0031225cd8823cfb57136716b978c05c600078f546c1489891de493c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 103940
cf-polished: origSize=57438, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27330
last-modified: Sun, 17 Oct 2021 04:51:57 GMT
server: cloudflare
etag: "616babed-e05e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 17 Oct 2022 10:42:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5968525c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 OLD%20GERMAN%20TARTARIA.JPG
img.beforeitsnews.com/contributor/upload/819011/images/ 36 KB
36 KB 203ms
202ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/OLD%20GERMAN%20TARTARIA.JPG

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b91454b286185a912ceb259424bd60eae0d5346fbb8ed6b197b232bdda1d5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 137280
cf-polished: origSize=46890, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36680
last-modified: Sun, 17 Oct 2021 00:54:46 GMT
server: cloudflare
etag: "616b7456-b72a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 17 Oct 2022 01:07:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db591fa15c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 R%20(2)(10).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
29 KB 203ms
201ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R%20(2)(10).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

858abb1d81fa68a0434986a4cd7400b9c8b72bb3659a044a84ab0357693c403c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 39820
cf-polished: origSize=34374, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29177
last-modified: Mon, 18 Oct 2021 04:17:32 GMT
server: cloudflare
etag: "616cf55c-8646"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 18 Oct 2022 04:19:05 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db591f9f5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 download-3-1.jpg
thewashingtonstandard.com/wp-content/uploads/2021/10/ 23 KB
23 KB 473ms
136ms Image
image/jpeg 2606:4700:3036::ac43:d037
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thewashingtonstandard.com/wp-content/uploads/2021/10/download-3-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d037 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 917a0412c2c8c49e2b54520422835b16700fa43a6cd7a389a726f95e2d5d41e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 405561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23326
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Oct 2021 22:59:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qt5UsqyRZih0o76izB9rvA1qm5p5jcy6x4abcL8a7G7CT%2B%2BANIxt1G%2BavdCyApBwqw4RqsQqBU97QnfFvRaYz9S3rS0Za8%2BiwkP8Tc5Vv34fzqZehBil9LXLVl2vHuiuZNqARMCP2VwPQlMTtJrwnO7GEaHW4Kur"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5b3a7305dc-FRA
expires: Thu, 13 Oct 2022 22:59:38 GMT

GET
H2 200 xSTsc.qR4e-small-Clif-High-The-Greatest-Gene.jpg
sp.rmbl.ws/s8/1/x/S/T/s/ 136 KB
136 KB 429ms
94ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/x/S/T/s/xSTsc.qR4e-small-Clif-High-The-Greatest-Gene.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 151aea951e97f3c58a309e6971798e07cd7c0b37a12fa1af35f68bdcdfcc3c19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
last-modified: Fri, 24 Sep 2021 04:04:29 GMT
etag: "b034d3e0ab707c757099b65e3f3b086d"
x-hw: 1634571539.cds135.fr8.hn,1634571539.cds216.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16259
accept-ranges: bytes
content-length: 139327

GET
H2 200 EXTINCTION.jpg
jamesredpillsamerica.com/images/ 884 KB
886 KB 541ms
55ms Image
image/jpeg 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/EXTINCTION.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56211ae71a980d896bf59af0a91407b3e29d93ec9567564798ebba5fd30f485f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 416335
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 905667
last-modified: Wed, 13 Oct 2021 19:39:02 GMT
server: cloudflare
etag: "616735d6-dd1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar99Ox8uiOakUFnQ8cqaHlJz98Nkdmf9wb8RLfbVsfcwfL9uvI1JMV36nhCRpWW2l8SPT1FIpU4iG3IRf4%2Bu3xK0D7fOsq1GfXM6iAKddaCYJ8X1CNwsAhTWnKDk2nfwdq10k19uO71reoAgXj8%2FY7HC9AFfaaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5c1a3c05d0-FRA
expires: Thu, 13 Oct 2022 20:00:04 GMT

GET
H2 200 Graphene-Oxide-Detox-Protocols-For-The-Vaxxed-Unvaxxed-FI-08-26-21-min-300x135.jpg
tapnewswire.com/wp-content/uploads/2021/08/ 15 KB
15 KB 1025ms
523ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/08/Graphene-Oxide-Detox-Protocols-For-The-Vaxxed-Unvaxxed-FI-08-26-21-min-300x135.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: cb158292c1e00f2a542a6db98b2fb425da7c68dfbc924d68ac09681b93a2e272

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
last-modified: Thu, 26 Aug 2021 13:20:57 GMT
server: nginx
accept-ranges: bytes
etag: "3a8a-5ca763cc2666c"
content-length: 14986
content-type: image/jpeg

GET
H2 200 Gitmo-Files.png
amg-news.com/wp-content/uploads/2021/05/ 119 KB
119 KB 392ms
80ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/05/Gitmo-Files.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS: amg-news.com
Software: LiteSpeed /
Resource Hash: 97af7d788557a32acf7caf9e7b7a41d22dd1267c564a284a2a7c2e116fa3e976

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
last-modified: Mon, 30 Aug 2021 16:17:09 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 121508
expires: Mon, 25 Oct 2021 15:38:59 GMT

GET
H2 200 xpo3VTKaRR9QfbNFPeRlMluY_large.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 21 KB
21 KB 182ms
181ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/xpo3VTKaRR9QfbNFPeRlMluY_large.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14bab498108252fd77fb54acbd06aa135e4bf8586bea3a61f5563d29d390d46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 72816
cf-polished: origSize=22568, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21403
last-modified: Sun, 18 Apr 2021 00:33:12 GMT
server: cloudflare
etag: "607b7e48-5828"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 17 Oct 2022 19:24:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db59b90b5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 uC9jnGpuODeW_640x360.jpg
static-3.bitchute.com/live/cover_images/z7KkpJobXC1U/ 33 KB
34 KB 264ms
264ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/z7KkpJobXC1U/uC9jnGpuODeW_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

fcd5ece11b27b0adaba8c9a2253844a8ff2a714634cc4eea8676042374196de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx0000000000000174ce8f6-006169198c-67e8a05-nyc3a
cdn-cachedat: 10/15/2021 08:02:52
cdn-pullzone: 89010
content-length: 33912
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-713
last-modified: Fri, 15 Oct 2021 05:56:35 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: f6fe2a658a83865ca6d1fca1ebeb19cb
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 _-5yc.qR4e-small-SITUATION-UPDATE-101721.jpg
sp.rmbl.ws/s8/1/_/-/5/y/ 133 KB
134 KB 516ms
392ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/_/-/5/y/_-5yc.qR4e-small-SITUATION-UPDATE-101721.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 1847b7ea7330186d035e2878afae9e559d8407caf9dd03840cdaf9ce27c9e7d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
last-modified: Sun, 17 Oct 2021 16:20:44 GMT
etag: "a3d9d1dd1774c700283ec03801a90977"
x-hw: 1634571539.cds135.fr8.hn,1634571539.cds137.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3716
accept-ranges: bytes
content-length: 136508

GET
H2 200 jj8yc.qR4e-small-THE-PLAN-UNFOLDING-TO-STARV.jpg
sp.rmbl.ws/s8/1/j/j/8/y/ 176 KB
176 KB 406ms
398ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/j/j/8/y/jj8yc.qR4e-small-THE-PLAN-UNFOLDING-TO-STARV.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 2314dea983536c69c932e9fbc9df801a4c59c44693404ace8209c8b57b8694f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
last-modified: Sun, 17 Oct 2021 18:53:54 GMT
etag: "d7b2e561fe2463f3feeadeb12b3e7374"
x-hw: 1634571539.cds135.fr8.hn,1634571539.cds201.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=18999
accept-ranges: bytes
content-length: 180481

GET
H2 200 images-4-2-300x158.jpg
tapnewswire.com/wp-content/uploads/2021/10/ 11 KB
11 KB 608ms
393ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/10/images-4-2-300x158.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 0316b413e619aafef5f813a066c519aee14b7964c7bd5d19893621c8a1781740

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
last-modified: Sun, 17 Oct 2021 09:36:40 GMT
server: nginx
accept-ranges: bytes
etag: "2d1f-5ce892a69f5a1"
content-length: 11551
content-type: image/jpeg

GET
H2 200 FWfMNUQf6CKW_640x360.jpg
static-3.bitchute.com/live/cover_images/1Ez5eVnVz1yY/ 45 KB
46 KB 171ms
170ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/1Ez5eVnVz1yY/FWfMNUQf6CKW_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

00895539bbf4aac665a4e2c0a897a0b66a71e79b6ac1e12c4beec09bbf51375c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cdn-edgestorageid: 722
x-amz-request-id: tx000000000000018633805-00616c50fa-67d82fc-nyc3a
cdn-cachedat: 10/17/2021 18:36:10
cdn-pullzone: 89010
content-length: 46062
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-713
last-modified: Sun, 17 Oct 2021 16:22:03 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 7438b74415709caca27674b4f727bf33
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 OIP%20(1)(90).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
12 KB 172ms
172ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(90).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e535f97fe2b8929b51cf044fb4ff6a156d50308aa87096c52546db979190991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 241850
cf-polished: origSize=13542, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12535
last-modified: Mon, 13 Sep 2021 00:31:55 GMT
server: cloudflare
etag: "613e9bfb-34e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 02 Oct 2022 20:22:44 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5b3bd85c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 00.png
amg-news.com/wp-content/uploads/2021/03/ 460 KB
460 KB 613ms
560ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/03/00.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS: amg-news.com
Software: LiteSpeed /
Resource Hash: f3a45cecc70c6339b0fe59ddd4f953e204c9762fa5c0e81552a6197859daea5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
last-modified: Wed, 25 Aug 2021 14:15:35 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 471086
expires: Mon, 25 Oct 2021 15:38:59 GMT

GET
H2 200 5qiozv.jpg
i.imgflip.com/ 73 KB
73 KB 216ms
216ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5qiozv.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1092c98d043e25085b48f8668b55723ac319c88df422e07e0aaaa5c53bb72377

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cf-cache-status: HIT
age: 270531
cf-polished: origSize=74940
cf-ray: 6a02db5b5ae55be5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74406
x-amz-id-2: QZXSnMeWzf7bepx+6aOpAo9mBWHv8ZkNKd1P14OVSRKYK3/SuKsSgF5/ANLp3Fe0EbxNoVJwC3c=
last-modified: Fri, 15 Oct 2021 12:22:07 GMT
server: cloudflare
etag: "5d0a0c9aaf473474548376631a7386ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: F6V5D17DXSVT7JMG
access-control-allow-origin: *
expires: Thu, 16 Oct 2031 15:38:59 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 22 KB
22 KB 147ms
146ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 584884
cf-polished: origSize=24183, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22836
last-modified: Wed, 25 Aug 2021 21:06:51 GMT
server: cloudflare
etag: "6126b0eb-5e77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 21:10:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5b5c1f5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 andrew.jpeg
www.henrymakow.com/upload_images/ 9 KB
10 KB 923ms
395ms Image
image/jpeg 2606:4700:3035::6815:4e2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.henrymakow.com/upload_images/andrew.jpeg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c577e459f0a4700bffb9082307bbf5819aa8f1845ab717a651efb7de2fa45487

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 359100
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9198
last-modified: Tue, 02 Apr 2019 16:46:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nl%2BgJOKTKnigk%2B30Imo01ZRwWwd8BeK5D4zlA3NpVBlt7%2Bg7AG8QaJt1KREO%2F307rzagQYDQEerJ7M2kHSFuim%2BvzfJ%2FOAEFuzOcRRQMY7KIizYPKSLoByY9fhg7LguHqHdnRAqDxo4NxxoWkjJdWp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a02db5ead9d43b8-FRA
expires: Thu, 21 Oct 2021 11:53:58 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/NUn4eOR3_6E/ 43 KB
43 KB 96ms
95ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/NUn4eOR3_6E/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a71001b25a760e205043107a029990982305c1cec0acb0adae765d3869dce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44298
x-xss-protection: 0
server: sffe
etag: "1634336094"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Oct 2021 15:43:59 GMT

GET
H2 200 R%20(3)(19).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 39 KB
39 KB 194ms
193ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R%20(3)(19).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b806dbed21c385aa454ce640afb697e81d5880bbb21b24e80f6c2fe9fa269002

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 236469
cf-polished: origSize=41892, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40041
last-modified: Fri, 15 Oct 2021 21:47:09 GMT
server: cloudflare
etag: "6169f6dd-a3a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 15 Oct 2022 21:49:06 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5b5c225c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 download(2).jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 30 KB
30 KB 192ms
191ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/download(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bec819de672b7a7150b2af8981134a3724665d326791e946e8f9e964d227318

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 173467
cf-polished: origSize=32274, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30542
last-modified: Sat, 16 Oct 2021 15:11:59 GMT
server: cloudflare
etag: "616aebbf-7e12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 Oct 2022 15:21:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5b5c245c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 27-alkalizing-foods-fb-918x482.jpg
www.mydailyinformer.com/wp-content/uploads/2018/11/ 17 KB
17 KB 189ms
52ms Image
image/jpeg 2606:4700:3034::6815:4c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mydailyinformer.com/wp-content/uploads/2018/11/27-alkalizing-foods-fb-918x482.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4c32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb8b96e042bc3c298afeeaea201e25da226ab260d6ac4f414c3caa243dc88ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2029
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17210
last-modified: Fri, 30 Nov 2018 11:39:21 GMT
server: cloudflare
etag: "433a-57be0400c6c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOFsp6VPhjdzuvrjOFneiAppDcBJid0ud5we%2FQlQeruuy%2BBF6xVXKj0GvYv6YKPS8NYaBF%2BMNHD0qFzVNsxXIBl9910vlQxpxy6X0c5MjGA9mh1Q%2FHEOBGjQzjbsf8gBnYtA2DsfJhKNYLhgdWKZoFs6JzeCww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a02db5c3a400746-FRA

GET
H2 200 sqYeb63pAj3N_640x360.jpg
static-3.bitchute.com/live/cover_images/BFwpmlvkLsJY/ 33 KB
34 KB 168ms
167ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/BFwpmlvkLsJY/sqYeb63pAj3N_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

2b77f08f6465c1b325524b140a6ce9a149e5f51984b4345b44fbee3981b07d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx000000000000017ce5b74-00616a89dc-67d82fc-nyc3a
cdn-cachedat: 10/16/2021 10:14:20
cdn-pullzone: 89010
content-length: 34194
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-713
last-modified: Sat, 16 Oct 2021 08:07:05 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: c95cf9a8282702523ec86a16b4ab0125
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 5qe6a5.jpg
i.imgflip.com/ 71 KB
72 KB 65ms
64ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5qe6a5.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4848c1220210017fc059081ccafde7832d950e02ce946df7492dc78d9fbc204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cf-cache-status: HIT
age: 353321
cf-polished: origSize=73735
cf-ray: 6a02db5b6ae95be5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73041
x-amz-id-2: yglL4j82QSHfUiY3hvdgT4vbY839jqoT/rIIhMMmY7h+ZOEBFtnKGYk8AuG/YDBOLYW0pskrZ4I=
last-modified: Thu, 14 Oct 2021 13:21:35 GMT
server: cloudflare
etag: "9a8cd17ee57318b08fc763f99f536d50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VJXJCZF5QKRCTVQG
access-control-allow-origin: *
expires: Thu, 16 Oct 2031 15:38:59 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 5qrf6w.jpg
i.imgflip.com/ 89 KB
89 KB 213ms
212ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5qrf6w.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1534b6114af9bdff2d73bbbf0ddc4bbc7479297c9676ae07bde3665b5075e099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
cf-cache-status: HIT
age: 90528
cf-polished: origSize=91676
cf-ray: 6a02db5b6aea5be5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 91203
x-amz-id-2: CGNZrb3+BNG05SS6blyRW1jLJPrUYCvGGvkO1Jl/iPiYeAjKvcjCqyDTSpj2twNyKB4jKnQUKF0=
last-modified: Sun, 17 Oct 2021 14:25:15 GMT
server: cloudflare
etag: "4aae3b864ec55b48a1675c54aefbe026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: RYMZT56V2M67TAD9
access-control-allow-origin: *
expires: Thu, 16 Oct 2031 15:38:59 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 rCDyc.qR4e-small-SITUATION-UPDATE-101521.jpg
sp.rmbl.ws/s8/1/r/C/D/y/ 110 KB
110 KB 672ms
672ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/r/C/D/y/rCDyc.qR4e-small-SITUATION-UPDATE-101521.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: a288266a6da789d69f5a149dd1b3a70555a4c0587049dc56d363d099a3071786

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
last-modified: Fri, 15 Oct 2021 20:13:33 GMT
etag: "50ff1eff1d0206412bcee4338815b8d3"
x-hw: 1634571539.cds135.fr8.hn,1634571539.cds132.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=19205
accept-ranges: bytes
content-length: 112745

GET
H2 200 twitter.png
tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/ 3 KB
3 KB 558ms
558ms Image
image/png 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/twitter.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
last-modified: Fri, 27 Aug 2021 07:45:22 GMT
server: nginx
accept-ranges: bytes
etag: "ad4-5ca85aa77ea7b"
content-length: 2772
content-type: image/png

GET
H2 200 vZ7xc.4Wpjb.1.jpg
sp.rmbl.ws/s8/6/v/Z/7/x/ 67 KB
67 KB 577ms
577ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/v/Z/7/x/vZ7xc.4Wpjb.1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 3fb470af8e2e82f0cddd7f387665efbf51e03c13fbc66119c968735c7d555c20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
last-modified: Wed, 13 Oct 2021 23:32:33 GMT
etag: "7e37890738f52cf439e63aaf823d312b"
x-hw: 1634571539.cds135.fr8.hn,1634571539.cds013.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=35027
accept-ranges: bytes
content-length: 68388

GET
H2 200 justin-trudeau-bans-lets-go-brandon.jpg
theconservativetreehouse.com/wp-content/uploads/2021/10/ 280 KB
281 KB 399ms
123ms Image
image/jpeg 2606:4700:20::681a:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theconservativetreehouse.com/wp-content/uploads/2021/10/justin-trudeau-bans-lets-go-brandon.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ca4e4d1de91dc8a7d5066e67db7fc65d912c41479237e7f37e21c09e2ee9c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52997
x-cache-nxaccel: STALE
cf-bgj: h2pri
content-length: 287000
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Oct 2021 00:43:53 GMT
server: cloudflare
etag: "46118-5ce95d6d57dad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daE%2BHmJWqeDqcOEfE6PLeXmCjYJqpe7oGv7OsoO4AcXbuWik4L1FzzSyQ7sAmoCysNBQgxn2Hf%2FF%2BkxC%2B7BJiQZwPn2t%2FNvHL4G2S5xSmASe86TP%2FS5qVcYUFjD9TTYqb8kHR4UG4mhhvdvmeps1mlWPmyBJDDQoxrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5ee9625bed-FRA
expires: Tue, 18 Oct 2022 00:52:08 GMT

GET
H2 200 OIP%20(4)(83).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 43 KB
44 KB 459ms
184ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(4)(83).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7359438f299e85e74d4220c293e0d8b1cb52ba44ded487f1a1914cc25567648d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 53516
cf-polished: origSize=46795, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44322
last-modified: Mon, 18 Oct 2021 00:37:44 GMT
server: cloudflare
etag: "616cc1d8-b6cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 18 Oct 2022 00:38:20 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5eebe55c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 R%20(3)(21).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 39 KB
40 KB 669ms
394ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R%20(3)(21).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c6e7b67d6dd7558f3897e5c8cd555b0db2509b257565c58740f06133e29562

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 163194
cf-polished: origSize=44238, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39919
last-modified: Sat, 16 Oct 2021 18:06:19 GMT
server: cloudflare
etag: "616b149b-acce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 Oct 2022 18:08:34 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5eebe95c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Screen%20Shot%202021-10-18%20at%202_35_40%20PM.jpg
img.beforeitsnews.com/contributor/upload/807978/images/ 35 KB
35 KB 775ms
500ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/807978/images/Screen%20Shot%202021-10-18%20at%202_35_40%20PM.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fad430ecf9e540e5af0b0cdd1ac424d9dc044d7aab1466736002a5efd2a5b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6106
cf-polished: origSize=40952, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35713
last-modified: Mon, 18 Oct 2021 13:36:03 GMT
server: cloudflare
etag: "616d7843-9ff8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 18 Oct 2022 13:51:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5eebe75c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 amazonwaste-660x330-1.jpg
thewashingtonstandard.com/wp-content/uploads/2021/10/ 46 KB
47 KB 402ms
100ms Image
image/jpeg 2606:4700:3036::ac43:d037
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thewashingtonstandard.com/wp-content/uploads/2021/10/amazonwaste-660x330-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d037 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30b0591a5cb5c33c3cfa3024e31bc4d8bd68ef5c6eca08f21eccce629beb39cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47499
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Oct 2021 12:24:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho9REf0fO%2F9AOtoDOhsmqITFjxf5D1YJuTOEYT6mJmw1192xivS4eheYZG1uetHHs6RCA3LAWd3u2hQVK836s3hHz3FFhMCaTDMLvDSYY87D3qHdxR9B4QqCVJaE6z9oaY9on8BkADM1YVr4emJDlcONuOO55X52"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db5f18d005dc-FRA
expires: Tue, 18 Oct 2022 12:34:26 GMT

GET
H2 200 lpDyc.qR4e-small-Jab-Scientist-Discovers-Hat.jpg
sp.rmbl.ws/s8/1/l/p/D/y/ 136 KB
137 KB 478ms
476ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/l/p/D/y/lpDyc.qR4e-small-Jab-Scientist-Discovers-Hat.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6c05c3eae8d3b161e973f75a1726f5f722532eefaedc84df71e2a41d1c3a6bdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
last-modified: Fri, 15 Oct 2021 19:54:50 GMT
etag: "e2ba31f756a69a436da517c58a19e30c"
x-hw: 1634571540.cds135.fr8.hn,1634571540.cds135.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16154
accept-ranges: bytes
content-length: 139562

GET
H2

200

Screenshot_20210914-184255.png
www.henrymakow.com/upload_images/
Redirect Chain

https://henrymakow.com/upload_images/Screenshot_20210914-184255.png
https://www.henrymakow.com/upload_images/Screenshot_20210914-184255.png

119 KB
119 KB

348ms
47ms

Image
image/png

2606:4700:3035::6815:4e2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.henrymakow.com/upload_images/Screenshot_20210914-184255.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da7f56c0ab8e000af55fca099183ec0f7ffbee743e1f0d021b9afb578c6bb94c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 430195
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 121656
last-modified: Wed, 15 Sep 2021 15:38:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7DkcqTplKx570XMTNsNSJXzDP1453spZDFC40RzlKKnwc0e%2FBH%2BW3nzEjLD2EGFzWLE%2FBCHq%2F%2BbKJnHH2TukqACFOOpt9d1XelUliK8sSQ5drfYk%2BHwz20ai0ugIvN%2BgS7zXefIPXIeRcJblTxMJVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a02db64dbef43b8-FRA
expires: Wed, 20 Oct 2021 16:09:04 GMT

Redirect headers

location: https://www.henrymakow.com/upload_images/Screenshot_20210914-184255.png
date: Mon, 18 Oct 2021 15:38:59 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 707
content-type: text/html

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 210ms
209ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/culturebg.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 361256
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 11:18:03 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6a02db590f805c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame AF08 2 KB
1 KB 55ms
54ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202191815
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44048535de81b7a3309d0fdffe816de5fbd19d82629956d9fb2a70f051261a4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 4566
last-modified: Wed, 08 Sep 2021 05:45:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XEK2SK54MQ2J60X6
x-amz-id-2: O4ASwyzi3/JhC8znfjSIwtZkKBAZIxW7TnYkJDtmr0SZhXDP2V4AbKMbwsaBFJeyto2QgTDRCXM=
cf-bgj: minify
server: cloudflare
etag: W/"41011185499ef3cdbc478e8a78e1b8cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6a02db5efe9a7040-FRA
expires: Mon, 18 Oct 2021 18:39:00 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 224ms
224ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner/BIN_Join_Telegram_bg-min.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2112480
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 24 Sep 2022 04:50:58 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6a02db593fdc5c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame F273 2 KB
1 KB 164ms
164ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202191815
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a7060843b2adf1775e4e6345f0c0089037746f2643934a7ca11f1e8987e735

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 4566
last-modified: Wed, 08 Sep 2021 08:07:03 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: KAW76HQF0V29YJ58
x-amz-id-2: ZUXjrfhRCidguReADAtSNCxNByUhW28ljPAvG5qgN5XMDVvMx76XDD1h6xrms4GJIveGIIFUEJg=
cf-bgj: minify
server: cloudflare
etag: W/"f075fd5795e71a23dc54ed3fd9ce7745"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6a02db5efe9d7040-FRA
expires: Mon, 18 Oct 2021 18:39:00 GMT

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 237ms
237ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/logo-bottom.jpg
pragma: no-cache
cookie: SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211014.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 651429
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Oct 2022 02:41:50 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6a02db5968505c98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 514ms
115ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d0fd01b64891f6004665586e4ebee68ec91cce0105f0d66d879e7113994558da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51437
x-xss-protection: 0
server: cafe
etag: 12948692988489954177
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Oct 2021 15:39:00 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
638 B 538ms
57ms Script
application/javascript 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9
last-modified: Mon, 18 Oct 2021 05:44:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YUNCJe1Aa3g3mw1hzwOexp6yd3CWRVSCG2ZpmxhIdWDHJ80Jn5onDFCF2TxbwGsYIIxDCelMWBmCAYB7LYB%2BwX4MVxwq5MJbU%2Bj6TaUUZzZaoknbB8uBbuxNjVT%2B9X%2BiLNb9vse9R61"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6a02db62996f5373-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
662 B 393ms
51ms Image
image/gif 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27024
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhWoqKllUSOcY63GyFbMQU375KgkTDIAByC0mUsDmem1%2BjDQaVjgWvKhKUaeGN9ByuakYARNjMJGayJGtBwK44P%2FMY5zqYJ0ESNwP9vQh8qub8j%2BtrkvTpTbzT3a9lLPgyZ210H0IuSC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6a02db61bb6e703a-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
199 B 257ms
18ms Image
text/plain 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
596 B 1341ms
710ms XHR
text/html 104.22.74.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1433ff7f649fc521f9456fe2232e44a6e0dd3ef138d19461d99671a3f8cb2873

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6a02db5d9d6d6969-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 2242 18 KB
7 KB 1073ms
376ms Document
text/html 65.9.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

a087e064b3db992a7aa2493abe62fda9299bc7da62747d1d9c31112fc4ccf15f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-l4M3EitOoJtkQ3t+zWuTZA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Mon, 18 Oct 2021 15:37:59 GMT
expires: Mon, 18 Oct 2021 15:39:59 GMT
cache-control: max-age=120
content-security-policy: script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-l4M3EitOoJtkQ3t+zWuTZA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: vPtIYJz0aNro3O7RVRZj7iEjGNDlwyzjx50bC-QN5h7i15zwhdM_vA==
age: 61

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 294ms
11ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 3124
date: Mon, 18 Oct 2021 14:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 18 Oct 2021 16:46:57 GMT

GET
H2 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 232 KB
65 KB 64ms
64ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d094d8099fd062aa094102592e79d82fcdfc5491815bb720f4731d2235704f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:38:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 3164
last-modified: Wed, 08 Sep 2021 08:32:54 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: WCK6052VWZR8E1AS
x-amz-id-2: FmnHovoHkYOgoCWbGjoeunTVhqXZ2WPKDXcadVwiwq2eSWi1/4ylIYeiQJVdovGrTBKS9H8qMn0=
cf-bgj: minify
server: cloudflare
etag: W/"fdcdd6f00d5322d781b15dbc79096bc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6a02db5b680968e9-FRA
expires: Mon, 18 Oct 2021 18:38:59 GMT

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame AF08 232 KB
65 KB 55ms
54ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202191815
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57fbcd5222f2ad85bff6adbea147fd03df4ca1759e34ae437e29051c43dd5cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 4434
last-modified: Wed, 08 Sep 2021 05:45:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 4HNERPQV96VMEPZR
x-amz-id-2: IrRfMA+jjp4DyxVzyLfqOCyq7rOh1mjvBmTV7RGowjDiPXgMrSdyWcJY1+v7Co7+QOyffdscTKQ=
cf-bgj: minify
server: cloudflare
etag: W/"f01ecd0e15f33a32665361e67f28b5e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6a02db5f5f8a7040-FRA
expires: Mon, 18 Oct 2021 18:39:00 GMT

GET
H3 200 beforeitsnews.com.720412.es6.js Show response
jsc.mgid.com/b/e/ Frame F273 232 KB
65 KB 197ms
197ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202191815
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b45da36302b1875d7e6dd6a31f010b0b06fc6c1b6ba2fbf4d756f18dcddf3e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 4344
last-modified: Wed, 08 Sep 2021 08:07:03 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XX9SABXSAQA7VCBW
x-amz-id-2: Yhyw4nCX0BAa6AR8c35tudjxD+rFwmNukIPKMTCAntIAreXb5bokjZ1z5XEDeVm2XS4/vli9NOk=
cf-bgj: minify
server: cloudflare
etag: W/"bde038cd1d915872cf6ebb4f4f831aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6a02db60091d7040-FRA
expires: Mon, 18 Oct 2021 18:39:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
125 B 189ms
143ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1634571540495403914847&uniqId=170d8&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=616d9514-13422&pageView=1&pvid=17c940e581084ffd6b1&site=310742&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a02db63190068e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 212ms
53ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 1546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6a02db618dd268e9-FRA
expires: Tue, 19 Oct 2021 15:39:00 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 498ms
339ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 6181
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6a02db618dd468e9-FRA
expires: Tue, 19 Oct 2021 15:39:00 GMT

GET
H2 200 en.f9b24ad5d420d753.js Show response
s.tradingview.com/static/localization/translations/ Frame 2242 425 KB
68 KB 142ms
141ms Script
application/javascript 65.9.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.f9b24ad5d420d753.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

1c5e0f1b09eb75c2896c936308817233cda2f006a88d962ff484687130be713c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 10:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19614
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 18 Oct 2021 09:13:56 GMT
server: tv
etag: W/"616d3ad4-10b25"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: BH2TjpSKhbBS85zPhT290qKSNs65IkZ8psijI5NtkG3WVwzVO0fGgg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.b08e356e9b21962685f6.js Show response
s.tradingview.com/static/bundles/embed/ Frame 2242 59 KB
22 KB 410ms
409ms Script
application/javascript 65.9.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.b08e356e9b21962685f6.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

d1b1bb8bfba232ca4edb5d6ca4bfd1cc5b8cef222d835eaddeee199e868e6722

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 10:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19614
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 18 Oct 2021 09:14:05 GMT
server: tv
etag: W/"616d3add-541c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: r0TjRGrljGXK5ypdQ8dxm7JfO_i3ZL6358mnzfRSFfbtFdasFmGDaA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.32e86cc59cd44e12e10e.js Show response
s.tradingview.com/static/bundles/embed/ Frame 2242 144 KB
47 KB 41ms
41ms Script
application/javascript 65.9.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.32e86cc59cd44e12e10e.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

6cab9f44156fa2f5bd5a49775f40ea75d5b4d917c713a341267d48cbed0b725e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278635
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 15 Oct 2021 08:39:31 GMT
server: tv
etag: W/"61693e43-baf6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: IiB5Wff9iUiQS-B2bs7m6-dQF7wjVH-gdJgsfzYr_J5nL1Fvh2ueTA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.5e59ca1c21aad72d1bcc.js Show response
s.tradingview.com/static/bundles/embed/ Frame 2242 283 KB
82 KB 69ms
69ms Script
application/javascript 65.9.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.5e59ca1c21aad72d1bcc.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

689f2aa7e1479eb66d5d19c5ab5ee1a4835046f1e008fac9c9d25682fd5f8869

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 10:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19613
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 18 Oct 2021 09:14:05 GMT
server: tv
etag: W/"616d3add-14555"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: bMaa_ywmZxQJ8YGSIhh53GKoFNEQP_HplbK2GyNjsGZ-Ga2f7be_YA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.5decea81a5d9f250c172.css
s.tradingview.com/static/bundles/embed/ Frame 2242 1 KB
1 KB 411ms
410ms Stylesheet
text/css 65.9.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.5decea81a5d9f250c172.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

61272354c450141b08dfb8d1bf7cb6d67e8e4236f605074ccc86c89749f7249a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 10:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8225514
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 15 Jul 2021 10:05:38 GMT
server: tv
etag: W/"60f00872-2be"
vary: Accept-Encoding
content-type: text/css
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: wtqF8C6GWFUk01O3JWxyjd4-mDO6F6cg96EYPUGcP9T3rMRwfMPPPg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.1aadc88a7bafa11f9887.css
s.tradingview.com/static/bundles/embed/ Frame 2242 26 KB
4 KB 411ms
411ms Stylesheet
text/css 65.9.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.1aadc88a7bafa11f9887.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

6e5885cb048ca400e25c37ab41913ba7a288c31c5bf571e19b40e4366e17cd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1568814
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 30 Sep 2021 10:26:40 GMT
server: tv
etag: W/"615590e0-f7f"
vary: Accept-Encoding
content-type: text/css
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: PNqNG_6p48XLFxO16eBqwmAyap6_VlbfBwASJGULdx5lgWX5HcsrcQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
1 KB 120ms
78ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?pv=5&cbuster=1634571540790858868603&uniqId=170d8&niet=4g&nisd=false&jsv=es6&w=370&h=312&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=616d9514-13422&pageView=1&pvid=17c940e581084ffd6b1&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebba9b5028903e9701b3de22ae0c945b38a62e4d75f85c76ab5365cd25a95d6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a02db63293a68e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:14:43 GMT
x-content-type-options: nosniff
age: 588257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 20:14:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 6041 10 KB
5 KB 55ms
13ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211013/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 17 Oct 2021 21:27:24 GMT
expires: Sun, 31 Oct 2021 21:27:24 GMT
content-type: text/html; charset=UTF-8
etag: 9069739545958607985
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4691
x-xss-protection: 0
age: 65497
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 widget-ssp-performance
c.mgid.com/ 43 B
107 B 143ms
142ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=277
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a02db63cadc68e9-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 2242 95 KB
38 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.5e59ca1c21aad72d1bcc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e8c11224b48382bc205514ab45429e0a70b9c12a0c4b7913f330870f7d94d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38545
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Oct 2021 15:39:01 GMT

GET
H2 200 305.ec7ca0f804a63d865c10.css
s.tradingview.com/static/bundles/embed/ Frame 2242 801 B
758 B 12ms
11ms Stylesheet
text/css 65.9.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/305.ec7ca0f804a63d865c10.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b08e356e9b21962685f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364974
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 14 Oct 2021 08:46:20 GMT
server: tv
etag: W/"6167ee5c-104"
vary: Accept-Encoding
content-type: text/css
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: UwEbsYcHyghpYEH05V7yH4sONZ4WdNsgU08WiMaYiWwu01vaC619Aw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.bc2a1d12352656925c8a.js Show response
s.tradingview.com/static/bundles/embed/ Frame 2242 4 KB
3 KB 11ms
11ms Script
application/javascript 65.9.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.bc2a1d12352656925c8a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b08e356e9b21962685f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

6f4c7baf55e7c028d298c83e4a92e38dd451d5c025ed77ddc4703f4e0fb66253

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4508814
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Aug 2021 09:21:05 GMT
server: tv
etag: W/"6128ae81-8cc"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: OSNjBAUDy_9RnMXXlonUb4akAyWvFNJ7XDkwmjuniIovzE_CK1wTww==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
399 B 85ms
84ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=621
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a02db64bcb47040-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 45ms
45ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1452162017&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1785290903&gjid=1096026363&cid=1602001129.1634571541&tid=UA-16055024-1&_gid=2032337334.1634571541&_r=1&gtm=2ouad0&tc=x&z=228130511

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 91ms
90ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1090&cols=1&pv=5&cbuster=1634571541249867323157&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=616d9514-13422&pageView=0&pvid=17c940e581084ffd6b1&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4d35dd58e023ab8d367e289b6651cedd9ebaf3e0089120d2a77c3a74320b5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a02db64dcf37040-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA2LzEwMTkyNC9mZWU1NzUzMjU5OWY3YTBiY...
s-img.mgid.com/g/10839627/492x328/-/ 17 KB
18 KB 168ms
64ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10839627/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA2LzEwMTkyNC9mZWU1NzUzMjU5OWY3YTBiY2QyY2NkOWIxNWFiZTZmNi5qcGVn.webp?v=1634571541-qzeh93EweZjuGJLLgz16xp11RxeMARlLmPU4QHg5JDA
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19da9c5072265bf82a294dbb3c4283ed53255f69ab36a877f8b87cfd03950107

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 16:28:16 GMT
x-mg-request-uuid: ac5322f8-3281-458e-943d-f9e0ac94e210
age: 1463954
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db657f051f29-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17794
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2242 48 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 3124
date: Mon, 18 Oct 2021 14:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 18 Oct 2021 16:46:57 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
414 B 151ms
63ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-16055024-1&cid=1602001129.1634571541&jid=1785290903&gjid=1096026363&_gid=2032337334.1634571541&_u=YEBAAUAAAAAAAC~&z=944291366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Oct 2021 15:39:01 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
881 B 141ms
107ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1634571541295675667868
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442520fec7151cceb5a2fc4f249905f146f50dda9550145fcd71fa7c2030bd11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a02db655e8f68e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 9140 19 B
267 B 95ms
93ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1634571541327388557190
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a02db655e8e68e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 1 Show response
servicer.mgid.com/720412/ 1 KB
1 KB 115ms
115ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=312&cols=1&pv=5&cbuster=1634571541357546529650&uniqId=03b91&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=616d9514-13422&pageView=0&pvid=17c940e581084ffd6b1&implVersion=10&dpr=1&muid=l9i11HMWdQD8
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 978511d27e62b8a8d9475a179ce9d2aa107b1b3669489f10e286cee0af9a0518

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a02db658e857040-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp
s-img.mgid.com/g/3805477/492x277/0x25x1024x682/ 31 KB
31 KB 123ms
122ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805477/492x277/0x25x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp?v=1634571541-UnsDxB80U6cq7aAmW3gIz7Z5xrbYK7X05SAsoXI-odc
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec51bd18a66799977faa6b2bca45b99fd240e6a1f7a8a9848d08fe20d0e5b52a

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:12 GMT
x-mg-request-uuid: fd509a12-8b9e-4983-8b35-2f7b0ffc785b
age: 1472692
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db659f361f29-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31768
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/ 21 KB
21 KB 202ms
201ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1634571541-nayVt3wfwbaylvHEoN8F4hmctN5EpBhCvIKU5bIsBzM
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc08b676d54c8f448b423f9f8295962fabafe7dbe9be4e1db772497ec1cfc9b

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:22:56 GMT
x-mg-request-uuid: 00dea646-c6f3-4dcd-800d-d2fe27c26ecd
age: 1472147
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db659f391f29-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21168
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.mgid.com/g/8052388/492x277/0x0x672x448/ 21 KB
21 KB 106ms
106ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052388/492x277/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1634571541-aJrH4kjdNEyC7E_hJ9tZwRI2Y8eigDQTAdKKJRdBfKE
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52733ad0523c74ce6129fcff09c9463aa9185dc75f1dc829d6d6f87f29906cd

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:23 GMT
x-mg-request-uuid: cec512cb-390a-4d76-8317-ab5a8e09dcc6
age: 1472594
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db659f3b1f29-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21064
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/ 28 KB
28 KB 165ms
165ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1634571541-UadWRI8HLWpLgdPQ-Uw60zO57Y-5p8oGPe6FcT24Nto
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6faa9082282e075a073e7ea8758e2ffd548a8f41c92dd12af560d9843b8f11eb

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:07 GMT
x-mg-request-uuid: cea7394e-daed-4012-a25e-386a66599113
age: 1472299
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db659f3d1f29-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28600
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 376ms
224ms Script
application/javascript 13.35.253.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-71.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 02:24:04 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 47727
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: aonI3JKm1zRU6SJMbsNGlvtJ2ju6RxR7ZX-Tjxl8kt2YX6BOU0cAeQ==

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 1967 1 KB
885 B 318ms
56ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1634571541295675667868
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: VertaMedia 1.0
Date: Mon, 18 Oct 2021 15:39:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 845B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

107ms
16ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1634571541295675667868
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Oct 2021 15:39:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Mon, 18 Oct 2021 15:39:01 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlpMXlZWTZNWEQ4&muidn=l9i1yYY6MXD8
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlpMXlZWTZNWEQ4&muidn=l9i1yYY6MXD8&google_tc=
https://cm.mgid.com/google?muidn=l9i1yYY6MXD8&google_ula={guid},5&google_gid=CAESEDHclKnRqsocyMP3sPAj9xI&google_cver=1

0
376 B

65ms
64ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l9i1yYY6MXD8&google_ula={guid},5&google_gid=CAESEDHclKnRqsocyMP3sPAj9xI&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a02db680d1a7040-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l9i1yYY6MXD8&google_ula={guid},5&google_gid=CAESEDHclKnRqsocyMP3sPAj9xI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
495 B 346ms
91ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l9i1yYY6MXD8
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a02db679a87697f-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=rRckaIXmjR8YgjXTxILw&pi=mgid&tc=1

43 B
545 B

101ms
101ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=rRckaIXmjR8YgjXTxILw&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a02db6938327040-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=rRckaIXmjR8YgjXTxILw&pi=mgid&tc=1
pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT, Mon, 18 Oct 2021 15:39:01 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

sync.gif
dispatcher.adxcore.com/a/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l9i1yYY6MXD8
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l9i1yYY6MXD8
https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0

0
260 B

305ms
48ms

Image
text/plain

5.135.97.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.135.97.203 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:02 GMT
cache-control: private
server: Apache

Redirect headers

Location: //dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0
Date: Mon, 18 Oct 2021 15:39:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=35794855-d96a-4e98-9ec9-a51218c70850

43 B
577 B

95ms
95ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=35794855-d96a-4e98-9ec9-a51218c70850
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a02db723f2e7040-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=35794855-d96a-4e98-9ec9-a51218c70850
date: Mon, 18 Oct 2021 15:39:03 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=X1SY9OlUnYBkTPRf3PsnXqwr&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0&gdpr=&gdpr_consent=&us_privacy=

43 B
561 B

90ms
89ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a02db6c581b7040-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0&gdpr=&gdpr_consent=&us_privacy=
Date: Mon, 18 Oct 2021 15:39:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=7741f530-7f52-4553-ac46-e67967e16140

43 B
545 B

92ms
92ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=7741f530-7f52-4553-ac46-e67967e16140
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a02db6958817040-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=7741f530-7f52-4553-ac46-e67967e16140
date: Mon, 18 Oct 2021 15:39:01 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
413 B 461ms
60ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l9i1yYY6MXD8
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a02db688af868f7-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=8450db5b-6953-4a7f-af28-5401467ce567&ttl=1637163541

43 B
545 B

88ms
87ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=8450db5b-6953-4a7f-af28-5401467ce567&ttl=1637163541
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a02db6968b77040-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=8450db5b-6953-4a7f-af28-5401467ce567&ttl=1637163541
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET 34b9aae5baa016b251b9fc488f4a97cd.gif
sync.e-volution.ai/ 0
0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 97ms
42ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16055024-1&cid=1602001129.1634571541&jid=1785290903&_u=YEBAAUAAAAAAAC~&z=512845007

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 82ms
44ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16055024-1&cid=1602001129.1634571541&jid=1785290903&_u=YEBAAUAAAAAAAC~&z=512845007

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp
s-img.mgid.com/g/3805477/492x277/0x25x1024x682/ Frame AF08 31 KB
32 KB 92ms
52ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805477/492x277/0x25x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp?v=1634571541-UnsDxB80U6cq7aAmW3gIz7Z5xrbYK7X05SAsoXI-odc
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec51bd18a66799977faa6b2bca45b99fd240e6a1f7a8a9848d08fe20d0e5b52a

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:12 GMT
x-mg-request-uuid: fd509a12-8b9e-4983-8b35-2f7b0ffc785b
age: 1472692
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db6659c47049-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31768
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/ Frame AF08 21 KB
21 KB 141ms
102ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1634571541-nayVt3wfwbaylvHEoN8F4hmctN5EpBhCvIKU5bIsBzM
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc08b676d54c8f448b423f9f8295962fabafe7dbe9be4e1db772497ec1cfc9b

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:22:56 GMT
x-mg-request-uuid: 00dea646-c6f3-4dcd-800d-d2fe27c26ecd
age: 1472147
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db6659c87049-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21168
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.mgid.com/g/8052388/492x277/0x0x672x448/ Frame AF08 21 KB
21 KB 262ms
223ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052388/492x277/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1634571541-aJrH4kjdNEyC7E_hJ9tZwRI2Y8eigDQTAdKKJRdBfKE
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52733ad0523c74ce6129fcff09c9463aa9185dc75f1dc829d6d6f87f29906cd

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:23 GMT
x-mg-request-uuid: cec512cb-390a-4d76-8317-ab5a8e09dcc6
age: 1472594
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db6659c97049-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21064
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/ Frame AF08 28 KB
28 KB 337ms
299ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1634571541-UadWRI8HLWpLgdPQ-Uw60zO57Y-5p8oGPe6FcT24Nto
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6faa9082282e075a073e7ea8758e2ffd548a8f41c92dd12af560d9843b8f11eb

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:07 GMT
x-mg-request-uuid: cea7394e-daed-4012-a25e-386a66599113
age: 1472299
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db6659cc7049-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28600
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC85YzNiMmU2NzAyMTcyNzY1M...
s-img.mgid.com/g/10839623/492x328/-/ 9 KB
9 KB 350ms
346ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10839623/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC85YzNiMmU2NzAyMTcyNzY1MzU4OThmZjQ4MmY5OTg2MS5qcGVn.webp?v=1634571541-4HlSiISZXnPhySF0PnQYXlCc_uabrsXiMNpdWWWnoXs
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e0f6ff9dbdebf16fd835c4069d83b858784ad4387ef047e7a3bcf55c377febe

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 16:27:00 GMT
x-mg-request-uuid: ba6958c6-008b-4cef-9018-27db40432be3
age: 1464173
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db6659cd7049-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8882
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC85YzNiMmU2NzAyMTcyNzY1M...
s-img.mgid.com/g/10839623/492x328/-/ Frame F273 9 KB
9 KB 254ms
253ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10839623/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC85YzNiMmU2NzAyMTcyNzY1MzU4OThmZjQ4MmY5OTg2MS5qcGVn.webp?v=1634571541-4HlSiISZXnPhySF0PnQYXlCc_uabrsXiMNpdWWWnoXs
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e0f6ff9dbdebf16fd835c4069d83b858784ad4387ef047e7a3bcf55c377febe

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 16:27:00 GMT
x-mg-request-uuid: ba6958c6-008b-4cef-9018-27db40432be3
age: 1464173
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a02db66fb707049-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8882
server: cloudflare

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634571541756&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634571541756&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

64 B
329 B

22ms
21ms

Image
image/gif

13.35.253.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634571541756&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-71.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:39:01 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: zDo2Px1wIXRqhZtsREcD-LzR_rYkhw_wiRYXp2OoaWCfv8N5ZdWStA==

Redirect headers

date: Mon, 18 Oct 2021 15:39:01 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634571541756&ns_c=UTF-8&cv=3.5&c8=Before%20It's%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
content-length: 217
x-amz-cf-id: PKVAlXEaLaDgsmdL9JKhPD4JedaNxEi1WK-1fyckkmF7ldykWwlFrQ==

GET csync
sync.adtelligent.com/ Frame 1967 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 845B 31 KB
9 KB 27ms
27ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 15:39:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=51268
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9275
Expires: Tue, 19 Oct 2021 05:53:29 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 845B 284 B
536 B 68ms
21ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H3 200 c
c.mgid.com/ 43 B
441 B 72ms
72ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=366|282|8|wfjBU_zHdOFybY5ieijTUNUlWrK1yjhUwn6Yme_KsDJmndhwKxiwGmTkOdjyp1oy&fw=1&extjs=66044&cid=720413&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=8421c3df-3029-11ec-8ccc-2cea7f875b01&tt=Direct&iv=11&pageImp=1&pvid=17c940e581084ffd6b1&muid=l9i1yYY6MXD8&cbuster=1634571542596731046016&tpl=0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 15:39:02 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 47cc06fa-1071-4aaa-898e-e8d9175e46e6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a02db6d4a667040-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 2242 3 KB
800 B 172ms
13ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:26:33 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 753
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: Jd387_zZ7ov-I2F7Y21v7Wu2MXQK0F_r8rV2JUzXSRWozw6pd5RGnw==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame 2242 1 KB
1 KB 173ms
15ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:48:37 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
age: 3034
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: 9Ev_xMvKCu4HbKg2xu41sL4mNMcS4rsU5lDFRlHKJsUgiwiW-gWWjA==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 2242 870 B
1 KB 173ms
15ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:05:57 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
age: 1988
etag: "e9173ef4613c3da43c45885ea39c4b96"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: URCYKnqc7qEiJgBE-dt1bRx4ypBjw8S2c62Q_xcD08FE1c1RQ6X1Fw==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 2242 801 B
1 KB 176ms
19ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:48:08 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
age: 3059
etag: "107060b925841745f310697bd9f1f83d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: 9XgJQDkCQjQoUMzrNiRs1QJY2EnZ53YSQMNYCzPnmKDzSI3sKtNx_w==

GET
H2 200 facebook.svg
s3-symbol-logo.tradingview.com/ Frame 2242 225 B
621 B 178ms
21ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/facebook.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f785ad56ccd948b3be8bc3fc810e51ccd0cbb9f4da47100300b25797e9ffb8ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:35:57 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:20 GMT
server: AmazonS3
age: 190
etag: "0c6d458a2d9ece244f3676100a74b59f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 0c6d458a2d9ece244f3676100a74b59f
content-length: 225
x-amz-cf-id: 9mbnb2IUuzk6PRzjodku_-d14j6RCxCQoYNqBLmfTNS0CjsXkVc29A==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame 2242 1 KB
1 KB 177ms
19ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:53:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 2818
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: PNyRQGK9G7_SLkTezR3q8eLxyyHrgRJrV_fJK6emzGlkw6zOhGCiEQ==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 2242 523 B
912 B 19ms
17ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:21:48 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
age: 1036
etag: "4542d4ecd73f04c73affa787a4522596"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: -mmIpziDh04AYonlYMJM58RCZdjiR4M7frvSVjzDAI8CtrPI8lJ-sQ==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame 2242 522 B
919 B 25ms
22ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:10:57 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
age: 2734
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: 5fowHeFA47xQsq3h_12JkX3w2sC7dDs3GUREDj6fUbB7T1VBLWV_BA==

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame 2242 182 B
581 B 32ms
30ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:12:36 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
age: 1861
etag: "a4fcbd383e2f657b6528f4aa95844de5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: Av7gV8QUpg1-9EvTTjvFn1_A6FtQvULxdR1zJX50UW7wVhwD9mpxTA==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame 2242 1 KB
1 KB 36ms
34ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:42:15 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 07:36:30 GMT
server: AmazonS3
age: 3443
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: g7AdGpQA3tS4UzTD-yXfSRmx24NK0A0FA69HZiPOZRRzLthxUAWFYw==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame 2242 508 B
897 B 21ms
19ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:56:49 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
age: 2535
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: 6kzv0O3po-jZ3s8eBL5OwbKOJBRZlvTJ8unQTs2yuu4BowsP9CtwWQ==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame 2242 304 B
699 B 36ms
34ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:36:49 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
age: 137
etag: "074d127e2f9fd8c2e79c01a5f002979c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: iknKfD5sZeHn8gwx_UtQ2tyf8f5A2fc1L5ngkkqyv26BoOLA1cOphw==

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame 2242 1 KB
1 KB 25ms
23ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:36:22 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
age: 363
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: JHB-J0CqPpurRdc7XSlD_0O9t_BjEJY7E8wYeisaPOld8lEnzq4Iwg==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame 2242 635 B
1 KB 32ms
30ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:14:57 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
age: 1454
etag: "4c66a5172a9c77ab75e140f5079218ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: pCdIxYqnew7tTqE52IrIDLrKbkvqnrmXt_GXPFc-sUmGVx-A6Fm1fw==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame 2242 1 KB
1 KB 25ms
23ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:10:47 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 1698
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: UqXdlwiw0A7qOM2ZoulLreNY32XlTA72dXpmqwPeOLnmi3Usqh7t5Q==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame 2242 1 KB
1 KB 37ms
35ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:36:16 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 482
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: CpeHqQho-rJUAnKOGv-Cv2-Z6SM4PR1Lq7Wkx-T7bKBkvSzMQcEF4g==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame 2242 761 B
1 KB 31ms
29ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:11:31 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
age: 1652
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: 6Z4ma5gFzk3E1o8YVz_LLteBqkaTH8opSIjHX-5Fb2YE4-5oq_mn2w==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame 2242 1 KB
1 KB 37ms
35ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:20:32 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:34:28 GMT
server: AmazonS3
age: 2972
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: sxE7A8xBYTdpcX0cDfikOKdf2J_uiqf3Zx8JRWUrpNQRD3glhlQWeg==

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame 2242 1 KB
1 KB 32ms
30ms Image
image/svg+xml 2600:9000:2057:c000:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:41:23 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 3473
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: 0k7t2RRZyVPL0AW0C_1C9rqTiIwR6qqg7DzFsj67xiF32XnxSPGZkQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.e-volution.ai
URL: https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l9i1yYY6MXD8

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adxcore.com/a	1970-01-20 06:48:49	Name: advst_uid_11 Value: 0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
beforeitsnews.com/	1970-01-19 22:02:59	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyRF1CWjuuNud
beforeitsnews.com/	1970-01-20 22:02:51	Name: b4in-uuid Value: c1ec709f-662b-4f83-b62d-cd4f33804bcb
.mgid.com/	1970-01-19 22:02:53	Name: __cf_bm Value: LFnnYFtMiQrVnwnxfumBpinI071YYJSD4FXIFtFIoaU-1634571539-0-AQtKRIoZox/Fk8KE3zAACnSWh4IxP3bne2+uvRzd4DlpNQccGs44HshQcHyUUGrdT2y0DZutSN7mQxjRe0rUyeI=
servicer.mgid.com/	1970-01-19 22:02:52	Name: __mglb Value: fc02a5af8306bee686576562f78e8f80
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l9i1yYY6MXD8
.beforeitsnews.com/	1970-01-20 15:34:03	Name: _ga Value: GA1.2.1602001129.1634571541
.beforeitsnews.com/	1970-01-19 22:04:17	Name: _gid Value: GA1.2.2032337334.1634571541
.beforeitsnews.com/	1970-01-19 22:02:51	Name: _gat_gtag_UA_16055024_1 Value: 1
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22TMxK50qvt%22%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634571541251%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634571541371%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634571541491%7D%7D
.doubleclick.net/	1970-01-20 07:24:27	Name: IDE Value: AHWqTUl4ukS16hf2Rwewe3kgfHuzrps-Q7X3HnxI8Cry8uc8QBMkvLXeJogHdT6hqes
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: l9i1yYY6MXD8
.scorecardresearch.com/	1970-01-20 15:19:39	Name: UID Value: 1PKVALXEALADGSMDL9JKHPg1634571542
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: l9i1yYY6MXD8
.creativecdn.com/	1970-01-20 06:48:27	Name: u Value: rRckaIXmjR8YgjXTxILw
.creativecdn.com/	1970-01-20 06:48:27	Name: ts Value: 1634571541
.adsrvr.org/	1970-01-20 06:48:27	Name: TDID Value: 8450db5b-6953-4a7f-af28-5401467ce567
.360yield.com/	1970-01-20 00:12:27	Name: tuuid Value: 7741f530-7f52-4553-ac46-e67967e16140
.360yield.com/	1970-01-20 00:12:27	Name: tuuid_lu Value: 1634571541
.adsrvr.org/	1970-01-20 06:48:27	Name: TDCPM Value: CAEYBSABKAIyCwi847u_hJaJOhAFOAE.
.bidswitch.net/	1970-01-20 06:48:27	Name: c Value: 1634571541
.bidswitch.net/	1970-01-20 06:48:27	Name: tuuid Value: 0403248a-3a5d-4aa1-8ba9-e0324fdfe7c0
.bidswitch.net/	1970-01-20 06:48:27	Name: tuuid_lu Value: 1634571542
dispatcher.adxcore.com/	1969-12-31 23:59:59	Name: DISPATCHER Value: DIS6
.erne.co/	1970-01-20 06:48:27	Name: u Value: X1SY9OlUnYBkTPRf3PsnXqwr
.mfadsrvr.com/	1970-01-20 15:34:03	Name: tuuid Value: 35794855-d96a-4e98-9ec9-a51218c70850
.mfadsrvr.com/	1970-01-20 15:34:03	Name: c Value: 1634571543
.mfadsrvr.com/	1970-01-20 15:34:03	Name: tuuid_lu Value: 1634571543
.mfadsrvr.com/	1970-01-20 15:34:03	Name: ssh Value: !mgid,1634571543
cm.mgid.com/	1970-01-19 22:46:03	Name: mg_sync Value: {"265689":1634571541,"287839":1634571543,"341189":1634571541,"363887":1634571541,"371158":1634571542,"433145":1634571542,"433146":1634571541,"516418":1634571541}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ajax.beforeitsnews.com
amg-news.com
beforeitsnews.com
c.mgid.com
calabeshes.xyz
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dispatcher.adxcore.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
henrymakow.com
i.imgflip.com
i.ytimg.com
i0.wp.com
i2.wp.com
img.beforeitsnews.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
match.adsrvr.org
pagead2.googlesyndication.com
rddywd.com
robscholtemuseum.nl
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
sp.rmbl.ws
static-3.bitchute.com
stats.g.doubleclick.net
sync.adtelligent.com
sync.e-volution.ai
tapnewswire.com
theconservativetreehouse.com
thewashingtonstandard.com
token.rubiconproject.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.henrymakow.com
www.mydailyinformer.com
x.bidswitch.net
sync.adtelligent.com
sync.e-volution.ai
104.16.199.73
104.18.255.14
104.19.133.78
104.19.135.78
104.19.217.61
104.22.74.138
13.35.253.71
142.250.185.130
142.250.186.130
151.139.128.11
18.192.92.12
185.184.8.65
185.59.220.194
192.0.77.2
209.58.165.79
23.37.42.132
2600:9000:2057:c000:1f:2f70:3e80:93a1
2606:4700:10::ac43:e6e
2606:4700:20::681a:e17
2606:4700:3034::6815:4c32
2606:4700:3035::6815:4e23
2606:4700:3035::6815:4e2a
2606:4700:3036::6815:eb9
2606:4700:3036::ac43:8a2c
2606:4700:3036::ac43:d037
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2016
2a00:1450:4001:812::200a
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9a
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.123.82.137
35.212.212.222
5.135.97.203
64.27.55.138
65.9.71.13
65.9.71.88
69.173.144.138
76.223.111.131
85.214.112.89
87.98.128.108
89.40.36.137
00895539bbf4aac665a4e2c0a897a0b66a71e79b6ac1e12c4beec09bbf51375c
00ca4e4d1de91dc8a7d5066e67db7fc65d912c41479237e7f37e21c09e2ee9c6
0316b413e619aafef5f813a066c519aee14b7964c7bd5d19893621c8a1781740
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
0794d23c19ced878a27dc3e2585613266ff84bbe9ec073274fd8edfc157926f9
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0bb8b96e042bc3c298afeeaea201e25da226ab260d6ac4f414c3caa243dc88ab
0fad430ecf9e540e5af0b0cdd1ac424d9dc044d7aab1466736002a5efd2a5b80
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1092c98d043e25085b48f8668b55723ac319c88df422e07e0aaaa5c53bb72377
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
1433ff7f649fc521f9456fe2232e44a6e0dd3ef138d19461d99671a3f8cb2873
14bab498108252fd77fb54acbd06aa135e4bf8586bea3a61f5563d29d390d46b
151aea951e97f3c58a309e6971798e07cd7c0b37a12fa1af35f68bdcdfcc3c19
1534b6114af9bdff2d73bbbf0ddc4bbc7479297c9676ae07bde3665b5075e099
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
1847b7ea7330186d035e2878afae9e559d8407caf9dd03840cdaf9ce27c9e7d8
19da9c5072265bf82a294dbb3c4283ed53255f69ab36a877f8b87cfd03950107
1c5e0f1b09eb75c2896c936308817233cda2f006a88d962ff484687130be713c
2314dea983536c69c932e9fbc9df801a4c59c44693404ace8209c8b57b8694f1
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea
2b77f08f6465c1b325524b140a6ce9a149e5f51984b4345b44fbee3981b07d7b
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
30b0591a5cb5c33c3cfa3024e31bc4d8bd68ef5c6eca08f21eccce629beb39cd
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
380da9318f07656019ae99b866979ad4c7c7cffa0d8e6dd9426275df6d30b642
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3e84cc2231ac5774450198a051d5f72248bd71951109a18e7bca8fcc4aed6145
3fb470af8e2e82f0cddd7f387665efbf51e03c13fbc66119c968735c7d555c20
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
44048535de81b7a3309d0fdffe816de5fbd19d82629956d9fb2a70f051261a4f
442520fec7151cceb5a2fc4f249905f146f50dda9550145fcd71fa7c2030bd11
47716fce1f9fd5f0a8f6718e039b86677d4b50b0e891960eb3a416f31d699d8c
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d8c81478cecda6e5cf31c1495cb90b02f5f68159cc843376757e4eac22b3480
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4e535f97fe2b8929b51cf044fb4ff6a156d50308aa87096c52546db979190991
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
56211ae71a980d896bf59af0a91407b3e29d93ec9567564798ebba5fd30f485f
5819736b0031225cd8823cfb57136716b978c05c600078f546c1489891de493c
5b4d35dd58e023ab8d367e289b6651cedd9ebaf3e0089120d2a77c3a74320b5f
5c25fca1140d087523610532cdad4ce938c392c31075f17da6acc1316b8c7353
5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa
61272354c450141b08dfb8d1bf7cb6d67e8e4236f605074ccc86c89749f7249a
67a71001b25a760e205043107a029990982305c1cec0acb0adae765d3869dce5
689f2aa7e1479eb66d5d19c5ab5ee1a4835046f1e008fac9c9d25682fd5f8869
69716545aba05a755d476ec6a36e722d1fc7721919a92208bcc2d9c91a9f30eb
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c05c3eae8d3b161e973f75a1726f5f722532eefaedc84df71e2a41d1c3a6bdd
6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62
6cab9f44156fa2f5bd5a49775f40ea75d5b4d917c713a341267d48cbed0b725e
6e0f6ff9dbdebf16fd835c4069d83b858784ad4387ef047e7a3bcf55c377febe
6e5885cb048ca400e25c37ab41913ba7a288c31c5bf571e19b40e4366e17cd9f
6e8c11224b48382bc205514ab45429e0a70b9c12a0c4b7913f330870f7d94d2e
6f4c7baf55e7c028d298c83e4a92e38dd451d5c025ed77ddc4703f4e0fb66253
6faa9082282e075a073e7ea8758e2ffd548a8f41c92dd12af560d9843b8f11eb
708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038
72627ff2facf83bb7a03434a571d4741d9beba2085c3ccc2c1492120e84d33f9
7359438f299e85e74d4220c293e0d8b1cb52ba44ded487f1a1914cc25567648d
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05
78c6e7b67d6dd7558f3897e5c8cd555b0db2509b257565c58740f06133e29562
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b45da36302b1875d7e6dd6a31f010b0b06fc6c1b6ba2fbf4d756f18dcddf3e8
7b91454b286185a912ceb259424bd60eae0d5346fbb8ed6b197b232bdda1d5c1
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7f5c1206d5c3cd3c6de43010d7ba3ce8503fcd4cc0d084610d175e86f799a81b
81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858abb1d81fa68a0434986a4cd7400b9c8b72bb3659a044a84ab0357693c403c
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87d094d8099fd062aa094102592e79d82fcdfc5491815bb720f4731d2235704f
8bec819de672b7a7150b2af8981134a3724665d326791e946e8f9e964d227318
8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
917a0412c2c8c49e2b54520422835b16700fa43a6cd7a389a726f95e2d5d41e5
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
932a28ed9956d4c57ae12d1ecb314501e2963d5efd56d868c8e09cb5b328b179
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54
978511d27e62b8a8d9475a179ce9d2aa107b1b3669489f10e286cee0af9a0518
97af7d788557a32acf7caf9e7b7a41d22dd1267c564a284a2a7c2e116fa3e976
9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6
a087e064b3db992a7aa2493abe62fda9299bc7da62747d1d9c31112fc4ccf15f
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a288266a6da789d69f5a149dd1b3a70555a4c0587049dc56d363d099a3071786
a57fbcd5222f2ad85bff6adbea147fd03df4ca1759e34ae437e29051c43dd5cc
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b806dbed21c385aa454ce640afb697e81d5880bbb21b24e80f6c2fe9fa269002
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bbc08b676d54c8f448b423f9f8295962fabafe7dbe9be4e1db772497ec1cfc9b
bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29
c577e459f0a4700bffb9082307bbf5819aa8f1845ab717a651efb7de2fa45487
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
ca268a9549055c6c88e3991bda47a937a23378ed7957c621942337dd03b4cf11
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb158292c1e00f2a542a6db98b2fb425da7c68dfbc924d68ac09681b93a2e272
cc55fc97436606d6bb9e709e0c5bfb0500c0af309c0e9e8d823f3d40f0b92bb0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0fd01b64891f6004665586e4ebee68ec91cce0105f0d66d879e7113994558da
d113418452ed85d3bf44738f1d27ce4e7f3ddb53a8896651c7cb61b2a9e74530
d1b1bb8bfba232ca4edb5d6ca4bfd1cc5b8cef222d835eaddeee199e868e6722
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
da7f56c0ab8e000af55fca099183ec0f7ffbee743e1f0d021b9afb578c6bb94c
da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dcdeba1327e2ca6c4036196139860e90d5068ea9fcdac39dd2547d6f68a129ca
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3a7060843b2adf1775e4e6345f0c0089037746f2643934a7ca11f1e8987e735
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4848c1220210017fc059081ccafde7832d950e02ce946df7492dc78d9fbc204
ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770
ebba9b5028903e9701b3de22ae0c945b38a62e4d75f85c76ab5365cd25a95d6f
ec51bd18a66799977faa6b2bca45b99fd240e6a1f7a8a9848d08fe20d0e5b52a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e0f9ea53ecda9b123dac13a3960ce2c5d8e25f55beab68fa871e750dfd1e9a
f3a45cecc70c6339b0fe59ddd4f953e204c9762fa5c0e81552a6197859daea5e
f52733ad0523c74ce6129fcff09c9463aa9185dc75f1dc829d6d6f87f29906cd
f785ad56ccd948b3be8bc3fc810e51ccd0cbb9f4da47100300b25797e9ffb8ad
f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45
fcd5ece11b27b0adaba8c9a2253844a8ff2a714634cc4eea8676042374196de5
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

beforeitsnews.com Open in urlscan Pro 2606:4700:10::ac43:e6e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

161 Requests

99 %HTTPS

44 %IPv6

40 Domains

57 Subdomains

41 IPs

9 Countries

9982 kBTransfer

11890 kBSize

31 Cookies

16 Outgoing links

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

99 %
HTTPS

44 %
IPv6

40
Domains

57
Subdomains

41
IPs

9
Countries

9982 kB
Transfer

11890 kB
Size

31
Cookies

161 HTTP transactions
1 data transactions