beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission Tags: falconsandbox
Submission: On February 05 via api (February 5th 2021, 1:11:10 am UTC) from US

Summary HTTP 172 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 51 domains to perform 172 HTTP transactions. The main IP is 2606:4700:10::ac43:e6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	2606:4700:10:... 2606:4700:10::ac43:e6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.194.51 13.224.194.51	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::ac43:a025	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
13	89.187.169.15 89.187.169.15	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	2a00:1450:400... 2a00:1450:4001:800::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:e4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.216.200.205 52.216.200.205	16509 (AMAZON-02) (AMAZON-02)
1	198.187.29.8 198.187.29.8	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	204.79.197.201 204.79.197.201	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.18.12.238 104.18.12.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.71.40 172.67.71.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.124.249.61 192.124.249.61	30148 (SUCURI-SEC) (SUCURI-SEC)
1	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:ce00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.12.217 151.101.12.217	54113 (FASTLY) (FASTLY)
4	64.62.227.17 64.62.227.17	6939 (HURRICANE) (HURRICANE)
21	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:1aad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.93.58 143.204.93.58	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:c800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:1a00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.195.238.30 18.195.238.30	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 1	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	35.157.252.59 35.157.252.59	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.74.225.211 54.74.225.211	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.183.62 18.194.183.62	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::6815:3aa9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:b4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	50.22.29.15 50.22.29.15	36351 (SOFTLAYER) (SOFTLAYER)
1	192.0.72.27 192.0.72.27	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:303... 2606:4700:3032::ac43:85f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2600:9000:20e... 2600:9000:20eb:fa00:d:8a0c:6440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:170... 2a02:26f0:1700:180::221c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	40.114.178.124 40.114.178.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
172	57

52 2606:4700:10::ac43:e6e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-51.fra2.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:a025 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-15.cdn77.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e4f (United States)

ASN13335 (CLOUDFLARENET, US)

video.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.200.205 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.187.29.8 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium71-4.web-hosting.com

blackhammer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.255.14 (United States)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fe80:1010::16 (United Kingdom)

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tse4.mm.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.201 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0002.a-msedge.net

tse2.explicit.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.238 (United States)

ASN13335 (CLOUDFLARENET, US)

media.mercola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.40 (United States)

ASN13335 (CLOUDFLARENET, US)

prepareforchange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.61 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10061.sucuri.net

stateofthenation2012.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

cms.qz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ce00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.62.227.17 (United States)

ASN6939 (HURRICANE, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:1aad (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-58.fra50.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:c800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1a00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.238.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-238-30.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.143.124 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.212.16 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.252.59 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-252-59.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.225.211 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.183.62 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-183-62.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:3aa9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.catholicnewsagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b4a (United States)

ASN13335 (CLOUDFLARENET, US)

www.ancient-origins.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.22.29.15 (Dallas, United States)

ASN36351 (SOFTLAYER, US)

littlegreenfootballs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.27 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

loopehome.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:85f3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.henrymakow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.72.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

ethan2k21.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

media.townhall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:fa00:d:8a0c:6440:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.fineartamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:180::221c (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

media.defense.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.114.178.124 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

external-content.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	beforeitsnews.com 1 redirects beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com	1 MB
21	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	257 KB
13	bitchute.com static-3.bitchute.com	513 KB
10	youtube.com img.youtube.com www.youtube.com	200 KB
8	googleapis.com fonts.googleapis.com www.googleapis.com translate.googleapis.com	100 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	41 KB
3	wordpress.com loopehome.files.wordpress.com ethan2k21.files.wordpress.com	312 KB
3	google.com www.google.com translate.google.com	3 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
3	jamesredpillsamerica.com jamesredpillsamerica.com	16 MB
2	defense.gov media.defense.gov	332 KB
2	catholicnewsagency.com www.catholicnewsagency.com	42 KB
2	lockerdome.com lockerdome.com
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net cm.g.doubleclick.net	894 B
2	google-analytics.com www.google-analytics.com	19 KB
2	rddywd.com rddywd.com	1 KB
2	blogspot.com 1.bp.blogspot.com	267 KB
2	bing.net tse4.mm.bing.net tse2.explicit.bing.net	19 KB
2	secureservercdn.net secureservercdn.net	124 KB
2	amazonaws.com s3.amazonaws.com	46 KB
2	ytimg.com i.ytimg.com	32 KB
2	tradingview.com s3.tradingview.com s.tradingview.com	11 KB
1	duckduckgo.com external-content.duckduckgo.com	13 KB
1	fineartamerica.com images.fineartamerica.com	84 KB
1	townhall.com media.townhall.com	55 KB
1	henrymakow.com www.henrymakow.com	439 KB
1	littlegreenfootballs.com littlegreenfootballs.com	70 KB
1	ancient-origins.net www.ancient-origins.net	33 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	idealmedia.io cm.idealmedia.io	555 B
1	media.net contextual.media.net	544 B
1	lentainform.com cm.lentainform.com	622 B
1	google.de www.google.de	107 B
1	consensu.org c.sharethis.mgr.consensu.org
1	googlesyndication.com pagead2.googlesyndication.com	47 KB
1	vimeo.com player.vimeo.com
1	googletagmanager.com www.googletagmanager.com	38 KB
1	qz.com cms.qz.com	61 KB
1	stateofthenation2012.com stateofthenation2012.com	137 KB
1	prepareforchange.net prepareforchange.net	74 KB
1	mercola.com media.mercola.com	35 KB
1	imgflip.com i.imgflip.com	42 KB
1	blackhammer.org blackhammer.org	105 KB
1	brighteon.com video.brighteon.com	17 KB
1	w.org s.w.org	571 B
172	51

	Domain	Requested by
30	beforeitsnews.com	1 redirects beforeitsnews.com
22	img.beforeitsnews.com	beforeitsnews.com
13	static-3.bitchute.com	beforeitsnews.com
10	s-img.mgid.com	beforeitsnews.com
8	img.youtube.com	beforeitsnews.com
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc beforeitsnews.com
6	cm.mgid.com	jsc.mgid.com beforeitsnews.com
5	x.bidswitch.net	5 redirects
4	ajax.beforeitsnews.com	beforeitsnews.com
3	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com
3	jamesredpillsamerica.com	beforeitsnews.com
2	media.defense.gov
2	ethan2k21.files.wordpress.com
2	www.catholicnewsagency.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	www.gstatic.com	translate.googleapis.com
2	a.sportradarserving.com	2 redirects
2	match.adsrvr.org	2 redirects
2	servicer.mgid.com	jsc.mgid.com
2	www.google.com	beforeitsnews.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	rddywd.com	beforeitsnews.com
2	jsc.mgid.com	beforeitsnews.com
2	www.youtube.com	beforeitsnews.com
2	1.bp.blogspot.com	beforeitsnews.com
2	secureservercdn.net	beforeitsnews.com
2	s3.amazonaws.com	beforeitsnews.com
2	i.ytimg.com	beforeitsnews.com
1	external-content.duckduckgo.com
1	images.fineartamerica.com
1	media.townhall.com
1	www.henrymakow.com
1	loopehome.files.wordpress.com
1	littlegreenfootballs.com
1	www.ancient-origins.net
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	cm.g.doubleclick.net	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.idealmedia.io	beforeitsnews.com
1	contextual.media.net	beforeitsnews.com
1	cm.lentainform.com	beforeitsnews.com
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.google.de	beforeitsnews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.mgid.com	beforeitsnews.com
1	l.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	s.tradingview.com	s3.tradingview.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	player.vimeo.com	beforeitsnews.com
1	platform-api.sharethis.com	beforeitsnews.com
1	www.googletagmanager.com	beforeitsnews.com
1	cms.qz.com	beforeitsnews.com
1	stateofthenation2012.com	beforeitsnews.com
1	prepareforchange.net	beforeitsnews.com
1	media.mercola.com	beforeitsnews.com
1	tse2.explicit.bing.net	beforeitsnews.com
1	tse4.mm.bing.net	beforeitsnews.com
1	i.imgflip.com	beforeitsnews.com
1	blackhammer.org	beforeitsnews.com
1	video.brighteon.com	beforeitsnews.com
1	s.w.org	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
172	70

This site contains links to these domains. Also see Links.

Domain
www.herbanomic.com
db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net
9e214utfcj2ajb49ok-kxh5m16.hop.clickbank.net
tinyurl.com
mitocopper.com
t.me
forum.beforeitsnews.com
www.youtube.com
3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net
widgets.mgid.com
brainberries.co
telegram.org
www.fincabayano.net
polaraidhealth.com
www.braintuner.com
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
225e505pjo7-s6cf1g5jdswy81.hop.clickbank.net
hop.clickbank.net
11156t1kflu2j2b9bl18ojz-zi.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.tradingview.com Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
static-3.bitchute.com R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
blackhammer.org Sectigo RSA Domain Validation Secure Server CA	`2020-02-01` - `2022-01-31`	2 years	crt.sh
secureservercdn.net Starfield Secure Certificate Authority - G2	`2020-06-26` - `2021-06-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.explicit.bing.net Microsoft RSA TLS CA 01	`2021-01-19` - `2021-07-19`	6 months	crt.sh
mercola.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
stateofthenation2012.com Go Daddy Secure Certificate Authority - G2	`2020-05-14` - `2021-05-14`	a year	crt.sh
cms.qz.com R3	`2021-02-04` - `2021-05-05`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-07` - `2021-04-24`	9 months	crt.sh
beforeitsnews.com R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
ancient-origins.net Cloudflare Inc ECC CA-3	`2020-08-27` - `2021-08-27`	a year	crt.sh
littlegreenfootballs.com RapidSSL RSA CA 2018	`2020-06-07` - `2021-07-07`	a year	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-21` - `2022-01-21`	a year	crt.sh
*.townhall.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-02-20`	a year	crt.sh
*.fineartamerica.com Amazon	`2020-10-13` - `2021-11-13`	a year	crt.sh
www.defense.gov GeoTrust RSA CA 2018	`2020-06-22` - `2021-09-15`	a year	crt.sh
*.duckduckgo.com DigiCert SHA2 Secure Server CA	`2020-10-09` - `2021-11-10`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 59071A30CBDABFA537D2AB2B867EC3E1
Requests: 157 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Ithc62WXI_I
Frame ID: D35C2F7433139F02F94BAA9D23E28C86
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/508536627
Frame ID: 66E0A872D82D05BC092353BA48CF5FA8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/O269cn5aS0A
Frame ID: BB11FC5894110CA0D56663815289CFE2
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021151
Frame ID: BB01C271C9C08ECBE4D1BEBB901B4D6E
Requests: 2 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2021151
Frame ID: 8C5DCB4A3FABD546686DAB82EDACA5F9
Requests: 5 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: A7F739ECC13B818D001E9C4E9AB7A0D1
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 149B18D0B41F521E178C40B6D3147669
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1612487422692732169106
Frame ID: D3F8497E15E0AB197686BA8C55DC0E85
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 46E6D308058F64773D91E6AEF55ED2C0
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 4A4708993C6C2AE68AE63441C92981EC
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: AE2840740434A74CF680B6C50C99B9FA
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 8112A7EDA230856B812CB81E798180FC
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 999E99BD0345FB10E61825C1FB5383C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

172
Requests

100 %
HTTPS

47 %
IPv6

51
Domains

70
Subdomains

57
IPs

8
Countries

20685 kB
Transfer

21771 kB
Size

0
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomic.com/productdirectory
Title: Shopping

Search URL Search Domain Scan URL

URL: https://db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net/?tid=BINRTL1
Title: SHOCKING! Scientist Reveals The Real Cause Of Weight Gain! See Video

Search URL Search Domain Scan URL

URL: https://9e214utfcj2ajb49ok-kxh5m16.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: Is This “Fat Blaster” Brain Molecule The Key To Shocking Weight Loss?

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxc93bzg

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-oxygen-delivery-system/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/oxy-powder-natural-colon-cleanser-120-capsules/
Title: Try This And You'll Lose 15 Pounds of Extra weight in Your Colon! (VIDEO)

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNewsGroup
Title: CHAT/CONTRIBUTE ON TELEGRAM - https://t.me/BeforeitsNewsGroup

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-water/
Title: HENX - Light Years Beyond Colloidal Silver! Protect Your Family!

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net/?tid=BINPTL
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/10-stunning-asian-actresses-no-man-can-resist/

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: BEFORE IT'S NEWS ON TELEGRAM * GET THE TELEGRAM APP - https://telegram.org

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/
Title:

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/
Title:

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Tiny Self Defense Tool Drops a 270 Thug In 2 Seconds Flat - Get Yours While Supplies Last

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/best-and-worst-video-games-featuring-celebrities/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/top-10-most-romantic-nations-in-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/a-rihanna-museum-is-probably-opening-soon/

Search URL Search Domain Scan URL

URL: https://brainberries.co/gadgets-and-science/what-is-a-black-hole-7-truly-amazing-facts/

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: How To Easily Manifest Anything You Wish Using Quantum Physics

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://225e505pjo7-s6cf1g5jdswy81.hop.clickbank.net/?tid=BINRTL2121220
Title: Discover How To Survive in North America in Case of an Emergency

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex
Title: THIS Humic Fulvic Complex Has Provided Major Health Benefits To Thousands. (See VIDEO)

Search URL Search Domain Scan URL

URL: https://hop.clickbank.net/?affiliate=5startech&vendor=totalpat&p=clt&tid=BINRTL11221
Title: FREE Invisible Night Vision Cap Light - Just Pay Shipping - Click Here For Details

Search URL Search Domain Scan URL

URL: https://11156t1kflu2j2b9bl18ojz-zi.hop.clickbank.net/?tid=BINRTL2121320
Title: Learn How a 70-Year-Old Veteran Built a Small Nuclear Root Cellar (Bunker) in His Backyard With Only $421

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 118

https://x.bidswitch.net/sync?dsp_id=303&user_id=l14mTBNfHsah HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l14mTBNfHsah HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ff151029-4df9-4fd4-813c-5c50a85e9ed1&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 119

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=d9021856-1d24-4e5e-86eb-a3c61fdc489d&ttl=1615079423

Request Chain 120

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e476ec40-a15f-4f08-9c97-bcd73ae892e9&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=ff151029-4df9-4fd4-813c-5c50a85e9ed1&gdpr=&gdpr_consent=&us_privacy=

Request Chain 122

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=kuv1FoIB2sb9aAzLv0qT&pi=mgid&tc=1

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDE0bVRCTmZIc2Fo&muidn=l14mTBNfHsah HTTP 302
https://cm.mgid.com/google?muidn=l14mTBNfHsah&google_ula={guid},5&google_gid=CAESEM0VbxElBWybPJfq_OjGgxk&google_cver=1

172 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

118 KB
23 KB

672ms
656ms

Document
text/html

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0095361992809440027fa0bf90e1913408348da543e84a6708b3f1d31c67b306

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:20 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d934273802fd17c316efcb3cd28d021a41612487420; expires=Sun, 07-Mar-21 01:10:20 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s2; path=/ __cflb=0H28vyGHkAVLrvrHtVehKp3KVyBdeBAY5CnaTkctq35; SameSite=Lax; path=/; expires=Fri, 05-Feb-21 03:28:20 GMT; HttpOnly
cf-ray: 61c8c048faca97ba-FRA
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
cf-request-id: 0811568198000097ba5c01e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Fri, 05 Feb 2021 01:10:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 05 Feb 2021 02:10:20 GMT
Location: https://beforeitsnews.com/
cf-request-id: 081156817900004a738806a000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 61c8c048c8724a73-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 30ms
28ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 2808407
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DW2R7TEKEY2K8GBT
x-amz-id-2: sE/VEXxbhMuTCuCQsmC2BptgO/V1s2PsNZ5yq95p3IzbnVwO15xXAM+hmbc4SCny4GEWo4j01Uw=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"165501590067c5189e81c831f77f81ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tjjN.jFT95DY_pkhk6.cTP9tpZK602Ny
cf-request-id: 0811568433000097ba7b0bf000000001
cf-ray: 61c8c04d1b4c97ba-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
712 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 01:10:20 GMT
server: ESF
date: Fri, 05 Feb 2021 01:10:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Feb 2021 01:10:20 GMT

GET
H2 200 global-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 15 KB
4 KB 37ms
35ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183731
cf-polished: origSize=15665
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568432000097ba66089000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-3d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c04d1b4797ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:29 GMT

GET
H2 200 fancybox-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 28ms
27ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183731
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568432000097ba54287000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c04d1b4897ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:29 GMT

GET
H2 200 home-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 28 KB
6 KB 22ms
21ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183690
cf-polished: origSize=29022
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568432000097ba70262000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-715e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c04d1b4997ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:22:10 GMT

GET
H2 200 responsive-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 20 KB
3 KB 23ms
22ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a200701c53c115d1426b0e499872f764a6562e985a39a0796b152b9c31a72ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183731
cf-polished: origSize=20176
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568433000097ba698e6000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-4ed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c04d1b4b97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:29 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 24ms
23ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 129902
cf-polished: origSize=149701
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568433000097ba5c026000000001
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c04d1b4d97ba-FRA
expires: Wed, 10 Feb 2021 13:05:17 GMT

GET
H2 200 global-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 19 KB
5 KB 35ms
35ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0e59b33f190619c0a72f134b8a63462def9238acbed251ef993fc84c6e0c54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183708
cf-polished: origSize=19786
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568435000097ba5c027000000001
last-modified: Fri, 22 Jan 2021 08:19:29 GMT
server: cloudflare
etag: W/"600a8a91-4d4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c04d1b4e97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:52 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 33ms
24ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 94385
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
cf-request-id: 0811568461000097ba3e809000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 22:57:16 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04d6b5597ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 185ms
48ms Script
text/javascript 13.224.194.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 10:27:48 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Thu, 04 Feb 2021 10:27:44 GMT
server: AmazonS3
age: 52954
etag: "434a3d44a3079aedd890448838582f6c"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 11415
x-amz-cf-id: 3OCv8JD4REkVaZfKR1f0TZLe81Zakj9SXO886ff2U8h026CDeoNp-Q==

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/4KBlBdOGkUg/ 9 KB
9 KB 35ms
6ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/4KBlBdOGkUg/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18a3c7894e521fa5497ddcf946aad178a7e06bc7640b044289c69daceeb47147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:07:57 GMT
x-content-type-options: nosniff
server: sffe
age: 144
etag: "1612453165"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8851
x-xss-protection: 0
expires: Fri, 05 Feb 2021 01:12:57 GMT

GET
H2 200 FIRING-SQUADS.jpg
jamesredpillsamerica.com/images/ 855 KB
857 KB 56ms
15ms Image
image/jpeg 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/FIRING-SQUADS.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0277746a76979bf685e56ab2b5f8e3be9f087efa9fa91bf09a1674e0a94a01ff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9772
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 875842
cf-request-id: 081156848e000005f930206000000001
last-modified: Thu, 04 Feb 2021 22:23:54 GMT
server: cloudflare
etag: "601c73fa-d5d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qfV377QkRylVeLoFLQdYHCLcOexKX1U3r3mrw3y0u9MVLrX9W%2FYQRuXOBTxJ7z8G7vKG5sY0rpwFWTyleUUsUGvh1K%2BP6lG92Nlqvc18pRoaUiXposO6Y4Q72ZQ%2FHGKdefWOLqg%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04db8d605f9-FRA
expires: Fri, 04 Feb 2022 22:27:29 GMT

GET
H2 200 1f449.svg
s.w.org/images/core/emoji/13.0.1/svg/ 563 B
571 B 141ms
45ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/1f449.svg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/w3vY3yHkPtc/ 28 KB
28 KB 35ms
7ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/w3vY3yHkPtc/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9570064e6fc585f34a2f61e1c1af5ba7fb0acab456da0ab42c0fed419da67644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:07:57 GMT
x-content-type-options: nosniff
server: sffe
age: 144
etag: "1612330039"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29060
x-xss-protection: 0
expires: Fri, 05 Feb 2021 01:12:57 GMT

GET
H2 200 49tE7hX1IFRt_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 23 KB
24 KB 260ms
122ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/49tE7hX1IFRt_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

f91dd008629b885ba10c558f0b49cfe259f71df735caa798e9985d63ee0c499c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-05 00:54:18
cdn-pullzone: 89010
content-length: 23646
x-amz-request-id: tx000000000000021b888dc-00601c892a-43ba6e0-nyc3a
last-modified: Thu, 04 Feb 2021 23:47:16 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 579e8f4640e508b565b32b94d3e8a37b
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/bQbXxrEcI4s/ 18 KB
18 KB 16ms
6ms Image
image/jpeg 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/bQbXxrEcI4s/mqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea21f3eca0723de189c15c61888b5ebc021f77a400e50801127d517b5e65aafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:09:58 GMT
x-content-type-options: nosniff
server: sffe
age: 23
etag: "1612422129"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18597
x-xss-protection: 0
expires: Fri, 05 Feb 2021 01:14:58 GMT

GET
H2 200 1107f4bd-d8d7-4aec-b024-af71a9c9dfe8.0000001.jpg
video.brighteon.com/file/Brighteon-staging/poster/ 16 KB
17 KB 53ms
16ms Image
image/jpeg 2606:4700::6811:e4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.brighteon.com/file/Brighteon-staging/poster/1107f4bd-d8d7-4aec-b024-af71a9c9dfe8.0000001.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8f71d717299c94a1d30d2380550fb8af3737611e5a8378d1dc3db7215817024

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cf-cache-status: HIT
x-bz-file-id: 4_z88b2c91b4a10c84b66a40e17_f10594b2a69558447_d20210115_m191649_c002_v0001135_t0054
age: 2770
x-bz-content-sha1: unverified:4adfd30e8cb06673c010cd59b45029b2116bb217
x-bz-file-name: poster/1107f4bd-d8d7-4aec-b024-af71a9c9dfe8.0000001.jpg
content-length: 16786
cf-request-id: 081156848a0000d6f50b0d5000000001
x-bz-upload-timestamp: 1610738209000
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 61c8c04da99cd6f5-FRA
expires: Fri, 05 Feb 2021 05:10:21 GMT

GET
H2 200 JR6hpkfLM3Q0_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 90 KB
91 KB 265ms
128ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/JR6hpkfLM3Q0_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

f926e83a74c520528b57f528791861d174476117e8ae480006ae3c34530cbb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-02-04 04:19:34
cdn-pullzone: 89010
content-length: 92422
x-amz-request-id: tx0000000000000215b7427-00601b67c6-43b55da-nyc3a
last-modified: Thu, 04 Feb 2021 03:08:21 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 9a145c8f91f657cbc11e6a431c0d1e4f
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 96qnv7cQGkIsf1jDw3hK1WMl_small.jpg
static-3.bitchute.com/live/channel_images/MKanl25dSUxl/ 13 KB
14 KB 245ms
128ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/channel_images/MKanl25dSUxl/96qnv7cQGkIsf1jDw3hK1WMl_small.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

14c40e5263a8f53508009bd01fcf1d49ad9b1c37721bfa0c58ac95fa77214c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000001fcde686-006017fa8c-43b5652-nyc3a
cdn-cachedat: 2021-02-01 13:56:44
cdn-pullzone: 89010
content-length: 13518
last-modified: Sat, 14 Sep 2019 12:52:12 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: b81fa7bae4d5cdb8252871cb49ca5558
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 hqdefault(287).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 14 KB
15 KB 23ms
22ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(287).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 360491
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14766
cf-request-id: 081156847a000097ba632d4000000001
last-modified: Fri, 14 Aug 2020 20:18:17 GMT
server: cloudflare
etag: "5f36f189-39ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 31 Jan 2022 21:02:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04d9b5b97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 42 KB
43 KB 230ms
128ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-01-26 13:45:38
cdn-pullzone: 89010
content-length: 43209
x-amz-request-id: tx00000000000001c3068ef-0060100ef2-43b5652-nyc3a
last-modified: Tue, 26 Jan 2021 11:28:15 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 4cb5c00764d1afb5a85aeeb66c01bcf8
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 5Yxr1eTDCqJKoeKbVnClNXmZ_640x360.jpg
static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/ 37 KB
38 KB 225ms
129ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/5Yxr1eTDCqJKoeKbVnClNXmZ_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

1560925b7d4f6a008e0c975ae68e14b58311a7ab03f2c09da2487cf8e8d27aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx000000000000007db5efe-0060143b2c-46b98f5-nyc3a
cdn-cachedat: 2021-01-29 17:43:24
cdn-pullzone: 89010
content-length: 38380
last-modified: Fri, 29 Jan 2021 15:31:41 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: aa6ee6baf7d93e4c5aa46d837b848ea7
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 A_Capitol_Bldg.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 43 KB
44 KB 23ms
22ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/A_Capitol_Bldg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b276b12bb10237fd6ac51425e7b513d7e294345c367a58093d4b0c9ea7fba30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 534069
cf-polished: origSize=47160, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44528
cf-request-id: 0811568491000097ba7b0c1000000001
last-modified: Fri, 29 Jan 2021 20:41:26 GMT
server: cloudflare
etag: "601472f6-b838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 29 Jan 2022 20:49:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04dbb6197ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 three-amigos.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 51 KB
51 KB 24ms
24ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/three-amigos.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0cc553c498ff457fbbb9f60d9a8373363066c775f33b8210391bfd5609688f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 102843
cf-polished: origSize=54717, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51752
cf-request-id: 081156849b000097ba7b0c3000000001
last-modified: Wed, 03 Feb 2021 20:27:27 GMT
server: cloudflare
etag: "601b072f-d5bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 20:36:18 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04dcb6497ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 46d9dbd1-6f99-4cc4-990d-8146f498f9cc
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/ 23 KB
23 KB 664ms
195ms Image
image/jpeg 52.216.200.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/46d9dbd1-6f99-4cc4-990d-8146f498f9cc
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.200.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 40cf9d86931a55c93ef95a7442655a88f07ced4644a2e7529bc417256eca22fc

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 01:10:22 GMT
Last-Modified: Thu, 04 Feb 2021 09:34:12 GMT
Server: AmazonS3
x-amz-request-id: 34839DF8B87FB4AB
ETag: "2c98f043ddac94bf677dd20a90425540"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 23270
x-amz-id-2: /dif2tN3TtpMVhvdtae3Xq49bNM3RXYczQslSrxgiQKj5fr0OF/MF45G7R4Jq827xHJ/XmyhbQc=

GET
H2 200 OIP(67).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 29 KB
29 KB 25ms
23ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP(67).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

959cae6703049ef4b9e37d46d79ede4c3ac3222c204a381a13332ec5809e2845

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 25865
cf-polished: origSize=31429, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29471
cf-request-id: 08115684ae000097ba52284000000001
last-modified: Thu, 04 Feb 2021 17:55:52 GMT
server: cloudflare
etag: "601c3528-7ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Feb 2022 17:59:16 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04deb6797ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 UJvZAcaCYLRhtxQwWwT31n45_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 33 KB
33 KB 160ms
95ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/UJvZAcaCYLRhtxQwWwT31n45_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

4a1b09ba304df5768534c1e6aa23bbe6ed336192dee2d39e27c74f960d06456b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-04 13:46:25
cdn-pullzone: 89010
content-length: 33472
x-amz-request-id: tx00000000000000b3ffe4c-00601beca1-46b98f5-nyc3a
last-modified: Thu, 04 Feb 2021 12:24:36 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: b62e7be77565ee0fce893d6cffdb7221
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 myanmarcoupcoverimage.jpg
blackhammer.org/wp-content/uploads/2021/02/ 105 KB
105 KB 868ms
402ms Image
image/jpeg 198.187.29.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blackhammer.org/wp-content/uploads/2021/02/myanmarcoupcoverimage.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.187.29.8 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium71-4.web-hosting.com
Software: Apache /
Resource Hash: 95c95715196af2da4ecf5c892a036f2c0307fe3ab4ae35d851a25a52eede3bf9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Feb 2021 23:58:17 GMT
server: Apache
etag: "1a3d8-5ba4f20b3f763"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 107480
expires: Sat, 05 Feb 2022 01:10:21 GMT

GET
H2 200 Pervywood.jpg
img.beforeitsnews.com/contributor/upload/724569/images/ 32 KB
32 KB 27ms
25ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/724569/images/Pervywood.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79522da1bfba3d9e473e89c22acc561990785d6c5628f3ca41dc4e7dc05fcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2164605
cf-polished: origSize=37819, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32890
cf-request-id: 08115684ae000097ba41ac3000000001
last-modified: Sat, 02 Jan 2021 14:59:50 GMT
server: cloudflare
etag: "5ff08a66-93bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04deb6897ba-FRA
expires: Mon, 10 Jan 2022 23:53:36 GMT

GET
H2 200 OIP%20(18).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
12 KB 24ms
22ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(18).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068fe17f9d43898c88ab0b2bab778b800d9ec0771547e9e73f1502621baa79f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 105483
cf-polished: origSize=13525, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12280
cf-request-id: 08115684ae000097ba3fb79000000001
last-modified: Wed, 03 Feb 2021 19:35:12 GMT
server: cloudflare
etag: "601afaf0-34d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 19:52:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04deb6997ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 unnamed%20(2)(10).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 55 KB
56 KB 29ms
28ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnamed%20(2)(10).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7be3885d6747a25b99b829eaa781fd38c633b3b01b5c58f739d43ea85dbac762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 110960
cf-polished: origSize=58789, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56696
cf-request-id: 08115684ae000097ba3e80a000000001
last-modified: Wed, 03 Feb 2021 17:59:19 GMT
server: cloudflare
etag: "601ae477-e5a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 18:21:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04deb6a97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 4wcpxi.jpg
i.imgflip.com/ 42 KB
42 KB 184ms
22ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4wcpxi.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856d10b22b78d8dca542577503906fdda7c04a04a8e5f6fbfe677c02ab92810b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cf-cache-status: HIT
age: 213789
cf-polished: origSize=43015
cf-ray: 61c8c04ec80d203b-AMS
content-length: 42564
x-amz-id-2: cHMW2gZFN0sFYDhE3QMs4cx+R91SPKHYUlTdeO4oU5u/I+GaiojaqvFu+OrrxVDKJDPpJG/Hjj4=
last-modified: Tue, 02 Feb 2021 13:36:32 GMT
server: cloudflare
etag: "57cae7424b3dd63e8a6c1401b8f3f7ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: A9C53D062F67A1BB
access-control-allow-origin: *
expires: Mon, 03 Feb 2031 01:10:21 GMT
cache-control: public, max-age=315360000
cf-request-id: 081156853f0000203b238e7000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 Fm7nnVfBFjhO_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 23 KB
24 KB 129ms
129ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/Fm7nnVfBFjhO_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

e61e9c6ed4853d31598d12286fe5377c4920d0e6f52e752eb120983631ac4da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-04 01:44:09
cdn-pullzone: 89010
content-length: 23994
x-amz-request-id: tx0000000000000214ac2cc-00601b4358-43b5652-nyc3a
last-modified: Thu, 04 Feb 2021 00:36:54 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 6e05f72d9ede951c74f71da4823cc800
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 trumphappy.jpg
secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/02/ 19 KB
19 KB 26ms
7ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/02/trumphappy.jpg?time=1612449648

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c75f0b749799d1fd726facc77135059192d137a5c4cf383e502d00252e203e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 99
x-cache: cached
x-sucuri-cache: HIT
content-length: 19043
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 14:39:51 GMT
server: nginx
date: Fri, 05 Feb 2021 01:10:20 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "4a63-5ba83ad25f6a4"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 th
tse4.mm.bing.net/ 14 KB
14 KB 50ms
10ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tse4.mm.bing.net/th?id=OIF.nLfQG7liyr6IjLphL%2bSvZA&pid=Api&P=0&w=300&h=300
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 59ae15be11c0261f3bbaec223dc24efeaa02c5849cb694bb2d9d4cc44b4df5da

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:20 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref: Ref A: F86EEB02EC0444C9B5270756DB1366CF Ref B: FRAEDGE1520 Ref C: 2021-02-05T01:10:21Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1209600
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 13881

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 22ms
21ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 102720
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
cf-request-id: 08115684ee000097ba5c02a000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 20:38:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04e4b7697ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 no-img.png
img.beforeitsnews.com/img/v3/ 1 KB
1 KB 36ms
35ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/no-img.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 708710
cf-polished: origFmt=png, origSize=1604
content-disposition: inline; filename="no-img.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1298
cf-request-id: 08115684ee000097ba4f23a000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 20:18:31 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04e4b7797ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 KIDS4SALE.jpg
jamesredpillsamerica.com/images/ 1 MB
1 MB 13ms
13ms Image
image/jpeg 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/KIDS4SALE.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55f74fbd62d2e12800750904cba9f5b4da47182cc2704dc640652280262d537

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 261276
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1166639
cf-request-id: 08115684ee000005f91eae9000000001
last-modified: Mon, 01 Feb 2021 22:42:51 GMT
server: cloudflare
etag: "601883eb-11cd2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xeNGHhYUKGW2lkASp4fEnPcrE0Y0yLzdCY77wG4Gw1dzEiuduFJeLhE5oXfC5hH%2FPECBJ5VNCVsPO4Eqft90s0S6WuX2ezRlKsaRfIIRO%2FqhaHUCvelKGoyOyQsaaTMsk31rgE8%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04e495105f9-FRA
expires: Wed, 02 Feb 2022 00:35:45 GMT

GET
H2 200 maxresdefault%20(3).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
28 KB 21ms
20ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/maxresdefault%20(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49807c7a2b975537a8ef4a7a5790369c7ba710e65056187143b6414830c4d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 199414
cf-polished: origSize=29930, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28721
cf-request-id: 08115684f9000097ba52285000000001
last-modified: Tue, 02 Feb 2021 17:36:35 GMT
server: cloudflare
etag: "60198da3-74ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 17:46:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04e5b7c97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 White_House_Night.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 58 KB
58 KB 23ms
21ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/White_House_Night.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c25f05092d541c3344cb084648179134e94e3aa3f2b1a3b12c1a3863b776c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 711587
cf-polished: origSize=62169, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59224
cf-request-id: 0811568505000097ba3e80b000000001
last-modified: Wed, 27 Jan 2021 19:16:36 GMT
server: cloudflare
etag: "6011bc14-f2d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 19:30:34 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04e6b7f97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 t5NgUSZdo64_640x360.jpg
static-3.bitchute.com/live/cover_images/pqlCrTAephy6/ 53 KB
53 KB 173ms
171ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/pqlCrTAephy6/t5NgUSZdo64_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

628687525f21ac72c1e10fd3cd8cd2a0224a96a4ff66ebf0dc83b97ce9c3f6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx000000000000020bf1465-00601a09c3-43b55da-nyc3a
cdn-cachedat: 2021-02-03 03:26:11
cdn-pullzone: 89010
content-length: 54124
last-modified: Wed, 03 Feb 2021 02:24:23 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: b5c790e1151d946a984ee4f7f51b2f44
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 th
tse2.explicit.bing.net/ 4 KB
5 KB 185ms
91ms Image
image/jpeg 204.79.197.201
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tse2.explicit.bing.net/th?id=OIP.UKFDfrpaXV7fbaY6yjNFmgHaFA&pid=Api&P=0&w=223&h=152
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.201 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0002.a-msedge.net
Software: /
Resource Hash: f0c6ca76bbf27ac0912865f224b2ca9ccb1a6e188c1c234095d15859d1993f04

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref: Ref A: 76E362ABA1E546C1A8DE75B3085B12D5 Ref B: WAW01EDGE0218 Ref C: 2021-02-05T01:10:21Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1209600
x-cache: TCP_MISS
timing-allow-origin: *
access-control-allow-headers: *
content-length: 4276

GET
H2 200 a81LdDI5YhI4_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ 39 KB
40 KB 163ms
163ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/a81LdDI5YhI4_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

89528bcd8b91c26ea3c5dfef411e9d32b0a52d250cabe8022c4b05b3cc4404ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 565
x-amz-request-id: tx000000000000021381757-00601b6263-43ba6e0-nyc3a
cdn-cachedat: 2021-02-04 03:56:35
cdn-pullzone: 89010
content-length: 40216
last-modified: Thu, 04 Feb 2021 02:55:28 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 7ea60e6b151ba60dfc63332abcdfea3d
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 Untitled%2030(1).jpg
img.beforeitsnews.com/contributor/upload/69910/images/ 6 KB
6 KB 18ms
18ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/69910/images/Untitled%2030(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2506375ce559d28ffa2b97de4ef3fe072addc170d51816a3b50d8b762efa9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 63978
cf-polished: origSize=8081, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6314
cf-request-id: 0811568513000097ba710af000000001
last-modified: Thu, 04 Feb 2021 05:36:55 GMT
server: cloudflare
etag: "601b87f7-1f91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Feb 2022 07:24:03 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04e8b8297ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ending-plague.jpg
media.mercola.com/ImageServer/public/2021/January/ 34 KB
35 KB 270ms
84ms Image
image/jpeg 104.18.12.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.mercola.com/ImageServer/public/2021/January/ending-plague.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / N/A

Resource Hash

be9f2a565ab87f8116aae70b759f704f1a258e8da5e46825f175fa91a130fc7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cf-cache-status: HIT
x-aspnet-version: N/A
age: 417002
x-powered-by: N/A
last-modified: Thu, 28 Jan 2021 03:23:59 GMT
strict-transport-security: max-age=31536000
content-length: 35000
cf-request-id: 08115685f2000032ab17094000000001
x-aspnetmvc-version: N/A
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "4e4df8425f5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
cf-polished: origSize=36976, status=webp_bigger
accept-ranges: bytes
cf-ray: 61c8c04feb5132ab-CDG
expires: Fri, 12 Feb 2021 01:10:21 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/Rxdxf-zHfU8/ 37 KB
37 KB 88ms
26ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Rxdxf-zHfU8/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95618d0ac377efaa3f06e4584315a42de11d69a86e1eaa00cd0ee23b642bad40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 00:24:12 GMT
x-content-type-options: nosniff
server: sffe
age: 2769
etag: "1611445449"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37485
x-xss-protection: 0
expires: Fri, 05 Feb 2021 02:24:12 GMT

GET
H2 200 ENtlimRXkAAAKv9-800x445-1.jpg
prepareforchange.net/wp-content/uploads/2020/07/ 74 KB
74 KB 341ms
96ms Image
image/jpeg 172.67.71.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prepareforchange.net/wp-content/uploads/2020/07/ENtlimRXkAAAKv9-800x445-1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.40 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505ea0787e5fe2cf8f8b3286c7a61448bc151ef12283fcb1b5855a3e796d0494

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 256054
cf-polished: origSize=75624, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 75325
cf-request-id: 081156863100004c550394a000000001
last-modified: Sun, 12 Jul 2020 03:56:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WcCIw0nn0zxT0X%2BTv0pG1GkKVCJ%2FT16IUWzUxnNIjHUmVHac4JYr0hE%2BEVrqKNTRYX3qpw0DxAES0i1rxnXfskTXRdinL62gNxY%2B87GplaNjs8jT6Q%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 61c8c0504f624c55-AMS
expires: Thu, 04 Mar 2021 02:02:47 GMT

GET
H2 200 BOMB-AWAY.gif
jamesredpillsamerica.com/images/ 14 MB
14 MB 61ms
14ms Image
image/gif 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/BOMB-AWAY.gif
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6efadce41ae376140acf28c0c20ad12dc8f1aedbb605e458bcb59ed9cf2db21e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 289232
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 14290982
cf-request-id: 0811568553000005f9ee800000000001
last-modified: Mon, 01 Feb 2021 04:36:40 GMT
server: cloudflare
etag: "60178558-da1026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AJpwiv%2FV%2BlZFnjkRnDgF175QRSyRzY2Na1ROC8YZuj5dzqGpg1XLBVS%2Bs1WYC28XTONEgz28yzG%2BptYKWcZ%2BqgRV1%2FAO9oAef5oQN23Il6RbDv5Zbr8oOpu4u5W%2BO%2Fu0UuCGNWQ%3D"}],"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04ee9cf05f9-FRA
expires: Tue, 01 Feb 2022 16:49:49 GMT

GET
H2 200 9VDXVNHgDrSf_640x360.jpg
static-3.bitchute.com/live/cover_images/ckAsk0HlOn5w/ 34 KB
35 KB 174ms
128ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/ckAsk0HlOn5w/9VDXVNHgDrSf_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

cad278da708c8c2a1769d5fd8a7ef984d3dbf76fb96cda070787254ae1ef7306

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-03 00:08:18
cdn-pullzone: 89010
content-length: 35078
x-amz-request-id: tx00000000000000a5f2d04-006019db62-46b98f5-nyc3a
last-modified: Tue, 02 Feb 2021 22:59:59 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: aeb7f6d4e5e198fc8d5c902dc25845ec
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 zIte2c2GEr8wQeElSUeH9TnG_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 60 KB
60 KB 170ms
123ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/zIte2c2GEr8wQeElSUeH9TnG_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

ada575bbeea74f31166efec688e8f9c31a1e4301aef318346d3681f700f72250

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000001de09938-0060138f60-43b5652-nyc3a
cdn-cachedat: 2021-01-29 05:30:25
cdn-pullzone: 89010
content-length: 61038
last-modified: Fri, 29 Jan 2021 04:22:00 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: ebc62f4192b075710a0221731b5eff1c
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 39458a6c-526b-4c90-9993-3bc026869c0f
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/ 23 KB
23 KB 756ms
152ms Image
image/jpeg 52.216.200.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/39458a6c-526b-4c90-9993-3bc026869c0f
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.200.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 439b6fdb97bc9ea24774adeb848dda8257db47d657441da21a2b12b0524e4508

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 01:10:22 GMT
Last-Modified: Wed, 03 Feb 2021 09:10:04 GMT
Server: AmazonS3
x-amz-request-id: 8A6820EB05BBD216
ETag: "13d8fc69a87a9b259eba9fdf22775b77"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 23266
x-amz-id-2: UuV/veRdDSIYZYwf2ynOKoCL3rcnSahQET4oV8j0uzfn9yuyVRNs7Up5HX54NykyA4Kg4v1ead4=

GET
H2 200 A_Target.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 50 KB
50 KB 25ms
21ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/A_Target.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362926319935a032972f367a62efd55cdbc551ef1f582b24ce9d36650fb4bf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 194880
cf-polished: origSize=56766, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51087
cf-request-id: 08115685b6000097ba4aacb000000001
last-modified: Tue, 02 Feb 2021 19:00:05 GMT
server: cloudflare
etag: "6019a135-ddbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 19:02:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04f8ba797ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 1x-1-819x1024.jpg
stateofthenation2012.com/wp-content/uploads/2016/08/ 137 KB
137 KB 199ms
88ms Image
image/jpeg 192.124.249.61
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateofthenation2012.com/wp-content/uploads/2016/08/1x-1-819x1024.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.61 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10061.sucuri.net

Software

nginx /

Resource Hash

e1fed9d75187120ed4d5bd26d17d0ae1dd8106a35cadb68b41ce1bf5fde30c96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
x-content-type-options: nosniff, nosniff
x-cacheable: YES
x-backend: all_requests
age: 1971
x-cache: cached
x-sucuri-cache: HIT
content-length: 140009
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 24 Aug 2016 11:41:37 GMT
server: nginx
etag: "222e9-53acfc38d1e40"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15011
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trump-crosshairs.png
secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/01/ 105 KB
105 KB 10ms
7ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/01/trump-crosshairs.png?time=1612041939

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

244d38a9b5430fad05284ad97daf5ef5c25e38c6ca89d89a994dc5c0fc9166e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 362172
x-cache: cached
x-sucuri-cache: HIT
content-length: 107101
x-xss-protection: 1; mode=block
last-modified: Sat, 30 Jan 2021 21:25:15 GMT
server: nginx
date: Fri, 05 Feb 2021 01:10:20 GMT
strict-transport-security: max-age=300
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "1a25d-5ba24c1bac7e2"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/DVv7shgg92k/ 8 KB
9 KB 41ms
39ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/DVv7shgg92k/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e3820ebfdd5076129bb5835d2b8c717fe408250f79fda123b06b1437ccf5c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8622
x-xss-protection: 0
expires: Fri, 05 Feb 2021 01:15:21 GMT

GET
H2 200 trump-executive-order.jpg
cms.qz.com/wp-content/uploads/2017/01/ 61 KB
61 KB 211ms
108ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.qz.com/wp-content/uploads/2017/01/trump-executive-order.jpg?quality=75&strip=all&w=1600&h=900&crop=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: bda4f48aa086eae3051a505a9959cf1ae9fab829a934069bdc146547cf79cc6e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
x-rq: hhn1 109 142 443
last-modified: Sun, 31 Jan 2021 17:51:55 GMT
server: nginx
etag: "5cba01a567191053"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 61954
expires: Mon, 31 Jan 2022 17:51:55 GMT

GET
H2 200 6c9b6869c808cec8fef4896e27631bde--dan-brown-vatican-city.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 43 KB
44 KB 24ms
23ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/6c9b6869c808cec8fef4896e27631bde--dan-brown-vatican-city.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b51dde5f4272e0504702b25de61b46de54550e32253ac3fe6ac0f15e7e599cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 28495
cf-polished: origSize=46890, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44103
cf-request-id: 08115685b7000097ba52287000000001
last-modified: Thu, 04 Feb 2021 16:55:48 GMT
server: cloudflare
etag: "601c2714-b72a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Feb 2022 17:15:26 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04f8ba997ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Hypnosis-Webimage.png
1.bp.blogspot.com/-iJDLAffutLY/YBjZuvUwZFI/AAAAAAAB1kw/_z0qOEPapAwBRA7ZHUpTGzKuUygrVozmQCLcBGAsYHQ/w640-h426/ 260 KB
261 KB 33ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-iJDLAffutLY/YBjZuvUwZFI/AAAAAAAB1kw/_z0qOEPapAwBRA7ZHUpTGzKuUygrVozmQCLcBGAsYHQ/w640-h426/Hypnosis-Webimage.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c4c8010d66be65b49eda4373a2f4aa8e04b5b9fa5561670b77e72f12364cc1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 22:34:49 GMT
x-content-type-options: nosniff
age: 9332
content-disposition: inline;filename="Hypnosis-Webimage.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 266421
x-xss-protection: 0
server: fife
etag: "v1d64d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 05 Feb 2021 18:26:04 GMT

GET
H2 200 OIP%20(20).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 14 KB
14 KB 18ms
18ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(20).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0eb3bc2c5243c796ebfa7cbaa244b5c42704bde17f3e907b15ca276f13580a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18574
cf-polished: origSize=16263, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14543
cf-request-id: 08115685c8000097ba3e80e000000001
last-modified: Thu, 04 Feb 2021 19:46:59 GMT
server: cloudflare
etag: "601c4f33-3f87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Feb 2022 20:00:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04fabac97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 A_Gates_Virus.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 51 KB
51 KB 27ms
25ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/A_Gates_Virus.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e12fc5c45d6b7d080b9fb966b05d09881f247e55305ca07d1ec82373d6e2828e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 63743
cf-polished: origSize=56487, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52074
cf-request-id: 08115685d0000097ba473ac000000001
last-modified: Sun, 10 May 2020 17:29:23 GMT
server: cloudflare
etag: "5eb839f3-dca7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Feb 2022 07:27:57 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04fbbad97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
250 B 27ms
27ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 96809
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
cf-request-id: 081156850a000097ba5eb3b000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 22:16:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04e7b8097ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/2T3zk1a7SMI/ 14 KB
14 KB 70ms
55ms Image
image/jpeg 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/2T3zk1a7SMI/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8305717a1089983216945f1a09aca0ff5b8f33be027576e96a727c97bfeb60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13924
x-xss-protection: 0
expires: Fri, 05 Feb 2021 03:10:21 GMT

GET
H2 200 scientist_reveals_real.jpg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 21ms
21ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 95265
cf-polished: origFmt=jpeg, origSize=55516
content-disposition: inline; filename="scientist_reveals_real.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46020
cf-request-id: 081156850a000097ba59297000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-d8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 22:42:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04e7b8197ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 emigrate2.jpeg
img.beforeitsnews.com/img/banner2020/ 55 KB
55 KB 23ms
21ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/emigrate2.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2166404
cf-polished: origSize=56198, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55905
cf-request-id: 08115685d0000097ba5eb3e000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-db86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04fbbae97ba-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 polaraidhealth.jpeg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 24ms
23ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/polaraidhealth.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2166404
cf-polished: origSize=46655, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46365
cf-request-id: 08115685d0000097ba710b1000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-b63f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04fbbaf97ba-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 BCX_Rife350x290.jpg
img.beforeitsnews.com/img/banner2020/ 36 KB
36 KB 60ms
60ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/BCX_Rife350x290.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2166401
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36512
cf-request-id: 08115685dd000097ba5727b000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c04fcbb097ba-FRA
expires: Mon, 10 Jan 2022 23:23:40 GMT

GET
H2 200 tabs-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 148 B
251 B 23ms
23ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183708
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568458000097ba52282000000001
last-modified: Fri, 22 Jan 2021 08:19:32 GMT
server: cloudflare
etag: W/"600a8a94-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c04d5b5297ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 65ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea9ce06246d31d59700d89b789d5d60a8d7ba7f63f5d5ecf5889c1ca47254b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38981
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Feb 2021 01:10:21 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 27ms
6ms Script
text/javascript 2600:9000:2156:ce00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ce00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 61d8a192bb4ef46137bb8e534d284fd33f05eee41ff88c0ea7a5cb1d40f513e4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:09:47 GMT
content-encoding: gzip
age: 34
etag: W/"1935a-tKN9hY+gMbHsv0YvaXLX1zKwwDQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Hl3BoDR7djPYoanLKdix1vvm2-G03Fgm6QXA8hzFlwS9naRF7lcxaA==

GET
H2 200 Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 26ms
23ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 2808408
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BS7S1H3H1K4GBQ7P
x-amz-id-2: QjApP71jKYVGRAdkz9Q9P6OqBxHUujj3Ssfx891KJE0sEVGRFVTs3J5cx2ZDaBvfdzUqDnivfaM=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"93a3e7d84b15a0c8a8a9e4e6c8779aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3R09nKFA1fkBWMCXCpPvkqre3wT0snqV
cf-request-id: 081156846e000097ba5eb38000000001
cf-ray: 61c8c04d7b5697ba-FRA

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
282 B 32ms
30ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 707616
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
cf-request-id: 081156846f000097ba5eb39000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 20:36:45 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c04d7b5797ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
894 B 23ms
22ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 100384
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
cf-request-id: 081156846e000097ba59295000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 21:17:17 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c04d7b5897ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/ 13 KB
13 KB 8ms
7ms Font
font/woff 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 01:10:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:06 GMT
server: sffe
age: 518381
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13064
x-xss-protection: 0
expires: Sun, 30 Jan 2022 01:10:40 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:42:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:15:51 GMT
server: sffe
age: 55681
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9028
x-xss-protection: 0
expires: Fri, 04 Feb 2022 09:42:20 GMT

GET
H2 200 Ithc62WXI_I
www.youtube.com/embed/ Frame D35C 0
0 101ms
100ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Ithc62WXI_I

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Ithc62WXI_I
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 22015
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
date: Fri, 05 Feb 2021 01:10:21 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=0zt8id1EVOw; path=/; domain=.youtube.com; secure; expires=Wed, 04-Aug-2021 01:10:21 GMT; httponly; samesite=None YSC=OGvgA60sf34; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 05-Feb-2021 01:40:21 GMT VISITOR_INFO1_LIVE=0zt8id1EVOw; path=/; domain=.youtube.com; secure; expires=Wed, 04-Aug-2021 01:10:21 GMT; httponly; samesite=None CONSENT=PENDING+164; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 508536627
player.vimeo.com/video/ Frame 66E0 0
0 353ms
249ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/508536627

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Connection: keep-alive
Content-Length: 11445
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 05 Feb 2021 01:11:41 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-7
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Fri, 05 Feb 2021 01:10:21 GMT
Age: 0
X-Served-By: cache-fra19165-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1612487421.190354,VS0,VE201
Vary: Accept-Encoding
X-Player-Backend: p

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 O269cn5aS0A
www.youtube.com/embed/ Frame BB11 0
0 89ms
55ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/O269cn5aS0A

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/O269cn5aS0A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
content-length: 22401
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security: max-age=31536000
content-encoding: br
content-type: text/html; charset=utf-8
cache-control: no-cache
date: Fri, 05 Feb 2021 01:10:21 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=fQdotkgGzmw; path=/; domain=.youtube.com; secure; expires=Wed, 04-Aug-2021 01:10:21 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=fQdotkgGzmw; path=/; domain=.youtube.com; secure; expires=Wed, 04-Aug-2021 01:10:21 GMT; httponly; samesite=None YSC=fIUuXwX_K9g; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 05-Feb-2021 01:40:21 GMT CONSENT=PENDING+994; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK incr_views.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/ 8 B
635 B 602ms
197ms XHR
text/html 64.62.227.17
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/incr_views.php?id=62&_=1612487421127

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.17 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

ff30fda898941127cda08918b2972b41679d62ba1b12ea9acc8ad544d4f2e372

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 01:10:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 29ms
26ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 129917
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
cf-request-id: 08115684ee000097ba76896000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c04e4b7597ba-FRA
expires: Thu, 03 Feb 2022 13:05:04 GMT

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame BB01 239 KB
65 KB 296ms
188ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021151
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d2b8d827407d16f0c4ea40b02e663f97552c466527c69c17ae9fcc17c91f6e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 4229
cf-polished: origSize=244941
last-modified: Wed, 20 Jan 2021 08:28:03 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 39FA48C8606075BF
x-amz-id-2: Kf1sLFOeDBN+Ab8GqjBz1+bJaccj/D7U5RcgKDMyXlK4Z46cfbZ49h+tnKkX7KFuwu62gEaqrFg=
cf-bgj: minify
server: cloudflare
etag: W/"9e16758cd856f9923398b7d6f884bcab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 081156869d0000d91d1ea25000000001
cf-ray: 61c8c050fcc2d91d-AMS
expires: Fri, 05 Feb 2021 04:10:21 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 8C5D 238 KB
65 KB 198ms
90ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2021151
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f926e3af6282927cbd9206122c2860cc2c7ca80f53bd52db02202dcb174ecd

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 1228
cf-polished: origSize=243558
last-modified: Wed, 20 Jan 2021 08:36:21 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B1862DFF68B6309E
x-amz-id-2: sB9ww6GKuzNeoZZxrzx0824spUU7rdoxu3yLwvg3tLQ5bSm60o5fpCyv7U4maWOp8f43e1UgKuI=
cf-bgj: minify
server: cloudflare
etag: W/"860dfbd0f8cdf79c71d833d0dfdb82d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 081156869d0000d91d32298000000001
cf-ray: 61c8c050fcc3d91d-AMS
expires: Fri, 05 Feb 2021 04:10:21 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 22ms
22ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 129902
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
cf-request-id: 08115684f6000097ba4aac9000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c04e5b7a97ba-FRA
expires: Thu, 03 Feb 2022 13:05:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
47 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71977923c7f235060bb27ad59524d3480b7aff4da4af599086999c3a54adccf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47983
x-xss-protection: 0
server: cafe
etag: 8147591740152740198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Feb 2021 01:10:21 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
636 B 93ms
11ms Script
application/javascript 2606:4700:3037::6815:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1413
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RTjS150lS9PlA%2Bum%2BixmSIb5vtVd390fsmj2zwC3CFlBpzqLegHKN9Z%2FB5pG06GBT%2FG6ijF0RuKS9yPeA0uBrz6wYjybp%2FAgzAvGm%2FWUucuLXaN7yMPI"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 61c8c050cb5305e9-FRA
content-length: 9
cf-request-id: 081156867f000005e96f15e000000001

GET
H2 200 adcode.png
rddywd.com/ 43 B
684 B 94ms
16ms Image
image/gif 2606:4700:3037::6815:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 52461
content-length: 43
cf-request-id: 081156867f00004ac294a35000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tDjkgT2lwSz%2F9uhujy2GSjjUujx3JnHXH%2FqALv9bFGjh3ypxudAwHQSnB2Gmj8J9RipxkTXVTnEHm6jPXxevkPjWwI6PJhKiNW0bXGEoSxYWEZlnLaL8"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 61c8c050cf4d4ac2-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 10ms
5ms Image
text/plain 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
2 KB 144ms
94ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 102110
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
cf-request-id: 0811568552000097ba4faf6000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 20:48:31 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c04eeb9097ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H/1.1 200
OK count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
619 B 569ms
195ms XHR
text/html 64.62.227.17
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.17 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

6d0bab540ac546f46d2b81850328618b4aa75b7eb9c20c5daf54f34a5c510880

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 05 Feb 2021 01:10:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 /
s.tradingview.com/embed-widget/ticker-tape/ Frame A7F7 0
0 253ms
93ms Document
text/html 143.204.93.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-58.fra50.r.cloudfront.net

Software

tv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Fri, 05 Feb 2021 00:28:02 GMT
expires: Fri, 05 Feb 2021 01:28:02 GMT
cache-control: max-age=3600
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lCpdlKWFBle01TmlRfdyA8YMtbIzz6HPBCaH_crMFQDvUKFWf1_z5A==
age: 2539

GET
H2 200 5f2c559be7229f0012f31c92.js Show response
buttons-config.sharethis.com/js/ 1 KB
870 B 25ms
7ms Script
text/javascript 2600:9000:20eb:c800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f2c559be7229f0012f31c92.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:19 GMT
content-encoding: gzip
etag: W/"321dc6041bb0ea183e662f402b588149"
last-modified: Thu, 06 Aug 2020 20:50:47 GMT
server: AmazonS3
age: 40
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: V0cVFI1IdtaUxc47WiZmKfNl1K0WKv63srUjhc1-NEWQ-NrRJLDqiA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6314
date: Thu, 04 Feb 2021 23:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 05 Feb 2021 01:25:07 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 149B 0
0 72ms
54ms Document
text/html 2600:9000:2156:1a00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Fri, 05 Feb 2021 00:43:54 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LWobmW5s3bqbYCw2v1UPBGfxRVnDKgN0pKm9f5QMdT8VlsSU-fg67g==
age: 1587

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
389 B 106ms
17ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1332907263&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=958887725&gjid=515665362&cid=1477827818.1612487422&tid=UA-16055024-1&_gid=1757875672.1612487422&_r=1&gtm=2ou1r0&z=1989564704

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 373ms
92ms XHR
text/plain 18.195.238.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=beforeitsnews.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fbeforeitsnews.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Before%20It%27s%20News%20%7C%20People%20Powered%20News&cms=unknown&publisher=5f2c559be7229f0012f31c92&embeds_csv=https%3A%2F%2Fwww.youtube.com%2Fembed%2FIthc62WXI_I%2Chttps%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F508536627%2Chttps%3A%2F%2Fwww.youtube.com%2Fembed%2FO269cn5aS0A&sop=true&bsamesite=true&consent_cookie_duration=118&consent_duration=118&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Before%20It%27s%20News%C2%AE%20is%20a%20community%20of%20individuals%20who%20report%20on%20what%27s%20going%20on%20around%20them%2C%20from%20all%20around%20the%20world.%20You%20can%20join%20to%20Contribute%20News%20and%20Comments.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.238.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-238-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 01:10:21 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 62ms
61ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 1072
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DCB403D7254D6E85
x-amz-id-2: Cnwert1GiENoysUfBDXPF2oxBVB7KvQCrQPePrf/gjyjLKV6G2s01OhrGpZe00vVtwDUBpnt1yc=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 081156878a0000d91d11aa3000000001
cf-ray: 61c8c0527e06d91d-AMS

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 48ms
48ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-16055024-1&cid=1477827818.1612487422&jid=958887725&gjid=515665362&_gid=1757875672.1612487422&_u=IEBAAUAAAAAAAC~&z=1332887505

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Feb 2021 01:10:21 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 64ms
63ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 287340
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:22 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 100ms
22ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=1477827818.1612487422&jid=958887725&_u=IEBAAUAAAAAAAC~&z=716381175

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
76ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=1477827818.1612487422&jid=958887725&_u=IEBAAUAAAAAAAC~&z=716381175

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
1 KB 112ms
110ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1094&cols=1&pv=5&cbuster=1612487422495227737670&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=1776fbd7261815bb070&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2021151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c26bd8553b62b335713191c30656c9fa2d2faa96baf8ca6743f486530a41193d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61c8c0573aa9d91d-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568a810000d91d27086000000001

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
1 KB 108ms
107ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=334&cols=1&pv=5&cbuster=1612487422565254377180&uniqId=0921c&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=1776fbd726698fd91db&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98868f5f202bcd8f53b5a73532d041ed58a776195e623659f774b90937b8b207

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61c8c0573aabd91d-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568a820000d91d4218e000000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
707 B 108ms
106ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1612487422687302066613
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40b7ff1a58e925fa577ef6c21abb1dfcef2604bf8d223a061600ba82ff52f04b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 15e6d5b3-96e3-404d-8f99-c5f07e249215
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61c8c057fb5ed91d-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568af90000d91d223bc000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame D3F8 19 B
470 B 103ms
103ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1612487422692732169106
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9c0c9bc0-a6f6-4142-8d14-7f5acf62d58a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61c8c057fb63d91d-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568afd0000d91d0a822000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2EzMzc2YTNlMzM2MDFjYWIwZWY1NGRjZjRmY2RhMzExLmpwZWc_dD0xNTEyNjg0NjY5OTAz.webp
s-img.mgid.com/g/3805631/492x328/0x48x565x376/ 9 KB
9 KB 62ms
61ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805631/492x328/0x48x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2EzMzc2YTNlMzM2MDFjYWIwZWY1NGRjZjRmY2RhMzExLmpwZWc_dD0xNTEyNjg0NjY5OTAz.webp?v=1612487422-wikTaGRqluvNKOvDnpbNb-g3eSbd83Wis-dYDBcwEgU
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab091088c93010fd8f1c582f5ba623f07351a9e688b0f6690d3093c32917378d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: 37dfa2ab-f374-4753-a33c-f6b4111338b3
age: 2149090
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9350
cf-request-id: 0811568b020000d91d3b140000000001
last-modified: Mon, 05 Oct 2020 11:41:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0580b70d91d-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2EzMzc2YTNlMzM2MDFjYWIwZWY1NGRjZjRmY2RhMzExLmpwZWc_dD0xNTEyNjg0NjY5OTAz.webp
s-img.mgid.com/g/3805631/492x328/0x48x565x376/ Frame BB01 9 KB
9 KB 63ms
61ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805631/492x328/0x48x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2EzMzc2YTNlMzM2MDFjYWIwZWY1NGRjZjRmY2RhMzExLmpwZWc_dD0xNTEyNjg0NjY5OTAz.webp?v=1612487422-wikTaGRqluvNKOvDnpbNb-g3eSbd83Wis-dYDBcwEgU
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab091088c93010fd8f1c582f5ba623f07351a9e688b0f6690d3093c32917378d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: 37dfa2ab-f374-4753-a33c-f6b4111338b3
age: 2149090
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9350
cf-request-id: 0811568b020000d91d552c5000000001
last-modified: Mon, 05 Oct 2020 11:41:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0580b6fd91d-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/ 25 KB
25 KB 63ms
61ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1612487422-6ApYB-vR0kYG-x7Nut4CuVSHxm_W_Ij3oodubvURLw0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b344878b924f05bfd27685aa36df479359c2b9d7b045436b3f0a0892d4fc210

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: 92336cb0-254a-4b4f-835d-7c68ba61267c
age: 1586530
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25424
cf-request-id: 0811568b120000d91d27be6000000001
last-modified: Mon, 05 Oct 2020 11:26:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0581b86d91d-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZjMjMzNDQ5ZjFmODhkYzZmOTE5NGVjNjMyYTIxNWYzLmpwZWc.webp
s-img.mgid.com/g/5097643/492x277/89x0x863x575/ 11 KB
11 KB 59ms
57ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097643/492x277/89x0x863x575/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZjMjMzNDQ5ZjFmODhkYzZmOTE5NGVjNjMyYTIxNWYzLmpwZWc.webp?v=1612487422-3SgGWQEluYx0FDu227rCiH0lZw2fOX7whAQAVoWW4iE
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1e8d25717223a591f7202a1afccb0667906a7b15f2aa74f0cbfbd8118a4fca

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: d866d4c9-6209-4e91-b3d6-5dcf9ba0e8de
age: 7589113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11172
cf-request-id: 0811568b120000d91deb0c6000000001
last-modified: Mon, 05 Oct 2020 11:23:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0581b89d91d-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2I4NTRjYzBiMTE5OWIxMmQ1MmM5MTJhMjg1ZjljZThmLmpwZWc.webp
s-img.mgid.com/g/4020998/492x277/0x40x1126x750/ 7 KB
7 KB 72ms
71ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4020998/492x277/0x40x1126x750/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2I4NTRjYzBiMTE5OWIxMmQ1MmM5MTJhMjg1ZjljZThmLmpwZWc.webp?v=1612487422-Kdt8nl61v472JH_UCZ1ys-pTYpqHK-OMU0IG0SH-BFc
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd84f10dadd8fe295d2e95a5afe471e220c056e4fdf9a25397ad3253bb5f3c2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: 84a4a531-974b-431d-952e-12eb5af615c2
age: 7766305
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7358
cf-request-id: 0811568b120000d91d240df000000001
last-modified: Mon, 05 Oct 2020 11:44:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0581b8ad91d-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzZjOGFhZTg3NzczZjM0MTc4ZDU0N2RiZDI3OTQwYzNhLmpwZWc.webp
s-img.mgid.com/g/3835476/492x277/248x0x1353x902/ 8 KB
8 KB 66ms
65ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3835476/492x277/248x0x1353x902/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzZjOGFhZTg3NzczZjM0MTc4ZDU0N2RiZDI3OTQwYzNhLmpwZWc.webp?v=1612487422-7Q7FkUTqzYSL5c5-yDL1EdUvOJtqw9G1plgKfwJ505g
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 388169d81bec00c14a9158ff5f9b73cfdc77eccfa3393fbf6e7c3348c3c38641

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: 9471f8ca-988f-4b85-9e82-47b8161af7ff
age: 7946425
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7894
cf-request-id: 0811568b130000d91deb919000000001
last-modified: Mon, 05 Oct 2020 11:22:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0581b8bd91d-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/ Frame 8C5D 25 KB
25 KB 100ms
99ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1612487422-6ApYB-vR0kYG-x7Nut4CuVSHxm_W_Ij3oodubvURLw0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b344878b924f05bfd27685aa36df479359c2b9d7b045436b3f0a0892d4fc210

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: 92336cb0-254a-4b4f-835d-7c68ba61267c
age: 1586530
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25424
cf-request-id: 0811568b490000d91defab8000000001
last-modified: Mon, 05 Oct 2020 11:26:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0586bced91d-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZjMjMzNDQ5ZjFmODhkYzZmOTE5NGVjNjMyYTIxNWYzLmpwZWc.webp
s-img.mgid.com/g/5097643/492x277/89x0x863x575/ Frame 8C5D 11 KB
11 KB 99ms
98ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097643/492x277/89x0x863x575/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZjMjMzNDQ5ZjFmODhkYzZmOTE5NGVjNjMyYTIxNWYzLmpwZWc.webp?v=1612487422-3SgGWQEluYx0FDu227rCiH0lZw2fOX7whAQAVoWW4iE
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1e8d25717223a591f7202a1afccb0667906a7b15f2aa74f0cbfbd8118a4fca

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: d866d4c9-6209-4e91-b3d6-5dcf9ba0e8de
age: 7589113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11172
cf-request-id: 0811568b450000d91dea30c000000001
last-modified: Mon, 05 Oct 2020 11:23:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0586bd1d91d-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2I4NTRjYzBiMTE5OWIxMmQ1MmM5MTJhMjg1ZjljZThmLmpwZWc.webp
s-img.mgid.com/g/4020998/492x277/0x40x1126x750/ Frame 8C5D 7 KB
7 KB 89ms
88ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4020998/492x277/0x40x1126x750/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2I4NTRjYzBiMTE5OWIxMmQ1MmM5MTJhMjg1ZjljZThmLmpwZWc.webp?v=1612487422-Kdt8nl61v472JH_UCZ1ys-pTYpqHK-OMU0IG0SH-BFc
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd84f10dadd8fe295d2e95a5afe471e220c056e4fdf9a25397ad3253bb5f3c2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: 84a4a531-974b-431d-952e-12eb5af615c2
age: 7766305
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7358
cf-request-id: 0811568b4f0000d91d3b143000000001
last-modified: Mon, 05 Oct 2020 11:44:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0587bf5d91d-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzZjOGFhZTg3NzczZjM0MTc4ZDU0N2RiZDI3OTQwYzNhLmpwZWc.webp
s-img.mgid.com/g/3835476/492x277/248x0x1353x902/ Frame 8C5D 8 KB
8 KB 86ms
85ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3835476/492x277/248x0x1353x902/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzZjOGFhZTg3NzczZjM0MTc4ZDU0N2RiZDI3OTQwYzNhLmpwZWc.webp?v=1612487422-7Q7FkUTqzYSL5c5-yDL1EdUvOJtqw9G1plgKfwJ505g
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 388169d81bec00c14a9158ff5f9b73cfdc77eccfa3393fbf6e7c3348c3c38641

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: 9471f8ca-988f-4b85-9e82-47b8161af7ff
age: 7946425
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7894
cf-request-id: 0811568b510000d91dea804000000001
last-modified: Mon, 05 Oct 2020 11:22:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61c8c0588bf7d91d-AMS

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 46E6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

142ms
42ms

Document
text/html

184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1612487422687302066613
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Feb 2021 01:10:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Fri, 05 Feb 2021 01:10:22 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
622 B 222ms
106ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l14mTBNfHsah
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61c8c05969511fe6-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568be200001fe6c10c4000000001

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l14mTBNfHsah
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l14mTBNfHsah
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ff151029-4df9-4fd4-813c-5c50a85e9ed1&gdpr=&gdpr_consent=&gdpr_pd=

46 B
544 B

171ms
70ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ff151029-4df9-4fd4-813c-5c50a85e9ed1&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 05 Feb 2021 01:10:23 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Fri, 05 Feb 2021 01:10:23 GMT

Redirect headers

location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ff151029-4df9-4fd4-813c-5c50a85e9ed1&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 05 Feb 2021 01:10:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=d9021856-1d24-4e5e-86eb-a3c61fdc489d&ttl=1615079423

43 B
228 B

105ms
105ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=d9021856-1d24-4e5e-86eb-a3c61fdc489d&ttl=1615079423
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:23 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 974d76b5-6495-4527-8ae3-35078c4ffb5f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61c8c05a6d8ed91d-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568c7f0000d91dff1a2000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=d9021856-1d24-4e5e-86eb-a3c61fdc489d&ttl=1615079423
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e476ec40-a15f-4f08-9c97-bcd73ae892e9&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=ff151029-4df9-4fd4-813c-5c50a85e9ed1&gdpr=&gdpr_consent=&us_privacy=

43 B
243 B

105ms
105ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=ff151029-4df9-4fd4-813c-5c50a85e9ed1&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:23 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 059d2c56-66a5-4a44-95ed-628954365043
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61c8c05caf7ed91d-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568de50000d91d2a078000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=ff151029-4df9-4fd4-813c-5c50a85e9ed1&gdpr=&gdpr_consent=&us_privacy=
date: Fri, 05 Feb 2021 01:10:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 214ms
102ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l14mTBNfHsah
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61c8c05968340c0d-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 0811568be000000c0d7b8ad000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=kuv1FoIB2sb9aAzLv0qT&pi=mgid&tc=1

43 B
235 B

115ms
115ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=kuv1FoIB2sb9aAzLv0qT&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:23 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6f6ff671-ff5a-4404-ab7c-1f271f7af347
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61c8c05a2d68d91d-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568c5d0000d91d3ebf7000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=kuv1FoIB2sb9aAzLv0qT&pi=mgid&tc=1
pragma: no-cache
date: Fri, 05 Feb 2021 01:10:23 GMT, Fri, 05 Feb 2021 01:10:23 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDE0bVRCTmZIc2Fo&muidn=l14mTBNfHsah
https://cm.mgid.com/google?muidn=l14mTBNfHsah&google_ula={guid},5&google_gid=CAESEM0VbxElBWybPJfq_OjGgxk&google_cver=1

0
305 B

110ms
110ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l14mTBNfHsah&google_ula={guid},5&google_gid=CAESEM0VbxElBWybPJfq_OjGgxk&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61c8c05a1d4cd91d-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568c4f0000d91dfc0a0000000001

Redirect headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l14mTBNfHsah&google_ula={guid},5&google_gid=CAESEM0VbxElBWybPJfq_OjGgxk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsDynamic-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 23ms
21ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33935025719f5668bfab105458c9ce15c77fc676813cf0bb7ddc29a2c59c3df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183709
cf-polished: origSize=6552
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568e3a000097ba41adc000000001
last-modified: Fri, 22 Jan 2021 08:19:31 GMT
server: cloudflare
etag: W/"600a8a93-1998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c05d2d8d97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 responsive-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
901 B 20ms
18ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183709
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568e3a000097ba473c0000000001
last-modified: Fri, 22 Jan 2021 08:19:32 GMT
server: cloudflare
etag: W/"600a8a94-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c05d2d8e97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 validate-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 24ms
23ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183709
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568e3a000097ba710c8000000001
last-modified: Fri, 22 Jan 2021 08:19:33 GMT
server: cloudflare
etag: W/"600a8a95-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c05d2d8f97ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 loadmore-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
2 KB 31ms
30ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183709
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568e3b000097ba3fb96000000001
last-modified: Fri, 22 Jan 2021 08:19:31 GMT
server: cloudflare
etag: W/"600a8a93-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61c8c05d2d9097ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

d365fba205ee50dbe24a2d2777f4d8a0e6b2484f0bcf793dc9f2adc49897d113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 177ms
49ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210122.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:23 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 19:30:06 GMT
server: nginx
etag: W/"5364-1612294206472"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

GET
H/1.1 200
OK get_banners_direct.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/ 2 KB
1 KB 186ms
186ms XHR
text/html 64.62.227.17
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/get_banners_direct.php?type=on_regular_page&_=1612487423589

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.17 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

89ec21d8217265ddf4ecd89ea9f2e5e6be59c21a787f8b7fd646c537bad1a9b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 01:10:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 30ms
15ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:23 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3593
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 61c8c05d8cc5dfa5-FRA
cf-request-id: 0811568e770000dfa55921c000000001
expires: Fri, 05 Feb 2021 13:10:23 GMT

GET
H/1.1 200
OK get_items_to_show.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 59 KB
7 KB 184ms
184ms XHR
text/html 64.62.227.17
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1612487423591

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.17 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

89a343996356dad703421e022aff9a7cc61f444d20b194fcead151f84dcef276

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 01:10:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 get-most-recent-stories-list.php Show response
beforeitsnews.com/v3/recent/ 21 KB
5 KB 583ms
583ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1612487423591

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0086f5776a806a99fc38444a04810c58c397c21b8871096edaaa7b447b14f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0811568e69000097ba69901000000001
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 61c8c05d7d9997ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 00:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2496
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 05 Feb 2021 01:28:47 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 00:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2692
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 05 Feb 2021 01:25:31 GMT

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20201130_00/e/js/element/ 243 KB
87 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30330
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88693
x-xss-protection: 0
last-modified: Mon, 30 Nov 2020 10:52:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 16:44:53 GMT

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 34ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 20:49:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 15662
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Fri, 04 Feb 2022 20:49:21 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 4A47 18 KB
4 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 00:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2496
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 05 Feb 2021 01:28:47 GMT

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
904 B 31ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 20:58:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 15129
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Fri, 04 Feb 2022 20:58:14 GMT

GET
H3-Q050 200 cleardot.gif
www.google.com/images/ 43 B
124 B 14ms
14ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 01:10:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame AE28 3 KB
1 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JpOTBBcqjxcjWMURx1D0Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-JpOTBBcqjxcjWMURx1D0Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Fri, 05 Feb 2021 01:10:23 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 6ms
6ms Image
image/gif 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:21:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 56944
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Fri, 04 Feb 2022 09:21:19 GMT

GET
H2 200 1254f8aeb6052793b95b5f24352a623f1c485941.jpeg
beforeitsnews.com/img/i2021/02/ 13 KB
13 KB 21ms
20ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/1254f8aeb6052793b95b5f24352a623f1c485941.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f9337c247b2b62af1529fab8e617616e9a3ac49648f428fe2283e3343a580db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 331783
cf-polished: origSize=13891, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13014
cf-request-id: 0811568f26000097ba5eb59000000001
last-modified: Wed, 21 Aug 2019 02:22:47 GMT
server: cloudflare
etag: "5d5caaf7-3643"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 05:00:40 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c05eadc197ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 e28e9ed3cfa56dfb17832c9fce2bce8f7225fe1b.jpg
beforeitsnews.com/img/i2021/02/ 35 KB
35 KB 19ms
19ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/e28e9ed3cfa56dfb17832c9fce2bce8f7225fe1b.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85c96975ada9e742e0c39ae4514eca0002dd691af8bc9985b520075448eb3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 331819
cf-polished: origSize=68837, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35768
cf-request-id: 0811568f26000097ba632f1000000001
last-modified: Fri, 22 Jan 2021 17:52:28 GMT
server: cloudflare
etag: "600b10dc-10ce5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 05:00:04 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c05eadc297ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 10864438442185062
lockerdome.com/lad/ Frame 8112 0
0 613ms
163ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 05 Feb 2021 01:10:24 GMT

GET
H/1.1 200
OK 10864440455450982
lockerdome.com/lad/ Frame 999E 0
0 607ms
159ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 05 Feb 2021 01:10:24 GMT

GET
H2 200 49tE7hX1IFRt_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 23 KB
24 KB 52ms
41ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/49tE7hX1IFRt_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

f91dd008629b885ba10c558f0b49cfe259f71df735caa798e9985d63ee0c499c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-05 00:54:18
cdn-pullzone: 89010
content-length: 23646
x-amz-request-id: tx000000000000021b888dc-00601c892a-43ba6e0-nyc3a
last-modified: Thu, 04 Feb 2021 23:47:16 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: cebfb39cc4054cdd950807fbff10fa75
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 Miguel_Cardona_vasilis_asvestas_Shutterstock.jpg
www.catholicnewsagency.com/images/ 26 KB
27 KB 260ms
235ms Image
image/jpg 2606:4700:3036::6815:3aa9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/Miguel_Cardona_vasilis_asvestas_Shutterstock.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3aa9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15
Resource Hash: 8fbb77b467cbfe7549dd7dc65c0a0d5b77e986aa258a47a77470010d4e71a5bf

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.4.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=plmotxwelwifGbqy4v5Vq12u95Yud9pA%2BDkd0XAc9I%2FEe5fJkJnxysvZUKLswngBf0dlboELdXEnpVoMx4D3hFnNFu7zLBTgpPyrZ8DXaxNPfDqqiJOYoOo%2FUsRguxyYIfqTXoI2sQ%3D%3D"}],"group":"cf-nel"}
content-type: image/jpg
cache-control: max-age=16070400
cf-ray: 61c8c0614c5cc286-FRA
cf-request-id: 08115690cd0000c286e51a0000000001
expires: Sun, 07 Mar 2021 01:10:24 GMT

GET
H2 200 Homeless_Credit_Marc_Bruneke_via_Flickr_CC_BY_NC_20_CNA_2_10_15.jpg
www.catholicnewsagency.com/images/ 15 KB
15 KB 42ms
18ms Image
image/jpg 2606:4700:3036::6815:3aa9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/Homeless_Credit_Marc_Bruneke_via_Flickr_CC_BY_NC_20_CNA_2_10_15.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3aa9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15
Resource Hash: 68244f2890e84fcf241404fb1938c2e3facb27fd545954715085ddd460d521de

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 370
x-powered-by: PHP/7.4.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pvHScMGkEeERFnlrT7P5uwLf0YeGeLytoZ2dftzIxzBu9vzcY1dQMiYpZWj6fXRKabqiQt6HclsTw5W1l2jlgjQCZmFESHSclDH%2B0y%2BPT4eqdvprLWdHkq0wI0rwe2JBVZU7scA6CQ%3D%3D"}],"group":"cf-nel"}
content-type: image/jpg
cache-control: max-age=16070400
cf-ray: 61c8c0614c5dc286-FRA
cf-request-id: 08115690cd0000c286ee22c000000001
expires: Sun, 07 Mar 2021 01:04:14 GMT

GET
H2 200 Pergamon.jpg
www.ancient-origins.net/sites/default/files/styles/large/public/field/image/ 32 KB
33 KB 36ms
12ms Image
image/jpeg 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ancient-origins.net/sites/default/files/styles/large/public/field/image/Pergamon.jpg?itok=zvgUFGN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05dac8b21d1bb8bf3f41528b45d995dc6b5d35fcbf0ed8b55d41175c1dd95155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 530
cf-polished: origSize=34665
cf-bgj: imgq:85,h2pri
content-length: 33163
cf-request-id: 08115690cd000007421fb41000000001
last-modified: Fri, 05 Feb 2021 00:56:11 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ssqtYxJclOeQf9dhipwbz5E2CTKF0GJde0XMuoticlp0CjfnCJiIIwf2Ye3908PrSeIXflaOE8on7hj8Z%2BUP4cxNxOm01zwxwBQ0CTp1%2FWyi22mQU%2Br0iFyh7MR1jiEWYa4CIA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 61c8c0614ad00742-FRA
expires: Sun, 07 Mar 2021 01:01:32 GMT

GET
H2 200 uKInBD8xxrSd_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ 35 KB
36 KB 52ms
43ms Image
image/jpeg 89.187.169.15
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/uKInBD8xxrSd_640x360.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-15.cdn77.com

Software

BunnyCDN-DE1-632 /

Resource Hash

5e4981d4fd90b67b9a8a5e60bc448f4076907cf7243e4291236123bf017adae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000021c9db51-00601c6b4b-43b5652-nyc3a
cdn-cachedat: 2021-02-04 22:46:51
cdn-pullzone: 89010
content-length: 36168
last-modified: Thu, 04 Feb 2021 21:36:36 GMT
server: BunnyCDN-DE1-632
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 115d4991ffd3f98f7d58d5a8ea1fd109
accept-ranges: bytes
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/WFtcgwvZSlM/ 30 KB
30 KB 47ms
39ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/WFtcgwvZSlM/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794ed15ade471f05ebba7a2e2f4bd92d91090afbabd89932e12de4e3655f8d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1611332895"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30578
x-xss-protection: 0
expires: Fri, 05 Feb 2021 03:10:24 GMT

GET
H/1.1 200
OK lB56IugHsEQ.jpg
littlegreenfootballs.com/weblog/thumbnails/charles/2021/02/04/ 70 KB
70 KB 784ms
164ms Image
image/jpeg 50.22.29.15
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://littlegreenfootballs.com/weblog/thumbnails/charles/2021/02/04/lB56IugHsEQ.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.22.29.15 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Apache /

Resource Hash

f9638ac5f9e74d16bf3a2e36eafd7b1b321fcff1e6b8a3b578f43f1d55867a88

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 01:10:25 GMT
Last-Modified: Fri, 05 Feb 2021 00:43:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=29030400, public
Connection: close
Accept-Ranges: bytes
Content-Length: 71252
X-XSS-Protection: 1; mode=block
Expires: Fri, 07 Jan 2022 01:10:25 GMT

GET
H2 200 cover-1-890x395_c.jpg
loopehome.files.wordpress.com/2019/12/ 76 KB
76 KB 159ms
60ms Image
image/jpeg 192.0.72.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loopehome.files.wordpress.com/2019/12/cover-1-890x395_c.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.27 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79492da9b3945b16013aba7030d3a21905165bc4d54d61d8c03d12cf573beec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 27 np
date: Fri, 05 Feb 2021 01:10:24 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Fri, 13 Dec 2019 14:01:21 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: image/jpeg
access-control-allow-origin: https://loopehome.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 77362
expires: Thu, 11 Mar 2021 09:31:35 GMT

GET
H2 200 plan.png
www.henrymakow.com/upload_images/ 438 KB
439 KB 167ms
12ms Image
image/png 2606:4700:3032::ac43:85f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.henrymakow.com/upload_images/plan.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:85f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 776e90e71bdf5486b1f0261db6974fa36031376dcabee2dead18687bfafaf9ea

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 27853
content-length: 448834
cf-request-id: 081156915100002c19a21e2000000001
last-modified: Mon, 31 Aug 2020 23:43:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7ElAul1vLsFcVlIhMIS9ovMKJg8OOr93fFqaHtduEYZ4JKd1eRxvwsyj7cqNRw8%2B0QKaid3vEyqKDaW5GsFFHWJZI0ZoJk19C8ljhravCnlGj7HsNz4qL2LrL4Xkiy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 61c8c0621ea52c19-FRA
expires: Thu, 11 Feb 2021 17:26:10 GMT

GET
H2 200 Esau%20Jacob.jpg
beforeitsnews.com/contributor/upload/724569/images/ 34 KB
34 KB 28ms
20ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Esau%20Jacob.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

595571328b66d274f4f353568ef280fc1a51859a66fc4779de58845d2bf1facb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1214
cf-polished: origSize=38576, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34468
cf-request-id: 08115690be000097ba3e82d000000001
last-modified: Sat, 07 Nov 2020 21:44:03 GMT
server: cloudflare
etag: "5fa71523-96b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 00:50:10 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c0612e0097ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/_sFoMGIOX_8/ 32 KB
32 KB 78ms
71ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/_sFoMGIOX_8/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9074d7da5376f1e564bf54c78bec23c265d8054a3f2a7f901590c809c9eec20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1612474989"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32485
x-xss-protection: 0
expires: Fri, 05 Feb 2021 01:15:24 GMT

GET
H2 200 d1e3a3fb8d41046288fb74e376828e6c.jpg
ethan2k21.files.wordpress.com/2021/01/ 164 KB
164 KB 158ms
59ms Image
image/jpeg 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ethan2k21.files.wordpress.com/2021/01/d1e3a3fb8d41046288fb74e376828e6c.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

76fbd79c9ed3cd8cba244ef54bcbece1bf28e855a491fbd3d36e4a604d45fe93

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 23 np
date: Fri, 05 Feb 2021 01:10:24 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Thu, 14 Jan 2021 18:28:42 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: image/jpeg
access-control-allow-origin: https://ethan2k21.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 167977
expires: Fri, 12 Mar 2021 10:56:08 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/EA9m-5Gd_E0/ 21 KB
22 KB 13ms
7ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/EA9m-5Gd_E0/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03158d5b1537e8da50a2f87b297d46e25638c58ae99a29569c99e6850dd8b6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:05:46 GMT
x-content-type-options: nosniff
server: sffe
age: 278
etag: "1612483260"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22008
x-xss-protection: 0
expires: Fri, 05 Feb 2021 01:10:46 GMT

GET
H2 200 ad31801d-a456-4511-87ca-0052c3f3d215-730x487.jpg
media.townhall.com/townhall/reu/o/2020/156/ 54 KB
55 KB 197ms
63ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/o/2020/156/ad31801d-a456-4511-87ca-0052c3f3d215-730x487.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9068b2a6b26489af1fa3eabd12ba11fdbbb0553d532315446ae4258917d1d508

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
server: nginx/1.10.3 (Ubuntu)
x-img: thmbor3
etag: "b83695babf3d5dd2dd714f514e032148873495ca"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 55654
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1612487424.dop229.lo4.t,1612487424.cds282.lo4.hn,1612487424.cds077.lo4.c

GET
H2 200 top-10-vehicles-for-your-emp-survival-890x395_c.jpg
ethan2k21.files.wordpress.com/2020/12/ 72 KB
72 KB 157ms
59ms Image
image/jpeg 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ethan2k21.files.wordpress.com/2020/12/top-10-vehicles-for-your-emp-survival-890x395_c.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d76ba597d7012b39ab4e5c4255b114e7bdc5a5fbed6d8922e965abeae420024b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 23 np
date: Fri, 05 Feb 2021 01:10:24 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 30 Dec 2020 19:32:30 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: image/jpeg
access-control-allow-origin: https://ethan2k21.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 73463
expires: Tue, 02 Mar 2021 06:47:42 GMT

GET
H2 200 1-earth-sos-conceptual-image-detlev-van-ravenswaay.jpg
images.fineartamerica.com/images-medium-large/ 84 KB
84 KB 42ms
20ms Image
image/jpeg 2600:9000:20eb:fa00:d:8a0c:6440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fineartamerica.com/images-medium-large/1-earth-sos-conceptual-image-detlev-van-ravenswaay.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:fa00:d:8a0c:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36fe45df416d7f6e22dcb693f50939a972ee5f50bfb0170e9b83a6415471712f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 00:19:59 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified: Mon, 13 May 2013 21:52:00 GMT
server: AmazonS3
x-amz-request-id: 753B80A54EEF493E
etag: "93ef4b62ea98634b776d32f14ab1dd23"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=1296000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 85941
x-amz-id-2: fWrrGceShhHKRNJCDNW2O/sj93Gw4Aoo1mcxa4PInsrHZBNPQr5M05ItcX3L6O4qVa+HSwZhdHQ=
x-amz-cf-id: FA8EZaegWXlyoFHv0u-60dlAPsLo5rd5cCxr2HZ24BiWkl8wtVw3MQ==

GET
H2 200 iu-6%20(14).jpg
beforeitsnews.com/contributor/upload/724569/images/ 19 KB
19 KB 27ms
21ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/iu-6%20(14).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a33751487807231c0f14ca986394e5f717ab8fe31c69687891b78480ed175693

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1786
cf-polished: origSize=23552, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19055
cf-request-id: 08115690be000097ba632f6000000001
last-modified: Sat, 27 Jun 2020 21:17:34 GMT
server: cloudflare
etag: "5ef7b76e-5c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 00:40:38 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c0612e0197ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 210104-M-XU129-1010Y.JPG
media.defense.gov/2021/Feb/04/2002576396/1088/820/0/ 227 KB
228 KB 184ms
11ms Image
image/webp 2a02:26f0:1700:180::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2021/Feb/04/2002576396/1088/820/0/210104-M-XU129-1010Y.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:180::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

55e61bcd3be6d263375559e8ca8b06a26c739a1d2efac4e4e04fdb99546a3513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
last-modified: Thu, 04 Feb 2021 23:48:43 GMT
server: Akamai Image Manager
etag: 0x8D8C966D2F3AB51
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, GET
content-type: image/webp
access-control-allow-origin: *, *
cache-control: private, no-transform, max-age=43200
content-length: 232770
expires: Fri, 05 Feb 2021 13:10:24 GMT

GET
H2 200 210204-S-ZZ999-102.JPG
media.defense.gov/2021/Feb/04/2002576388/825/780/0/ 104 KB
104 KB 195ms
27ms Image
image/webp 2a02:26f0:1700:180::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2021/Feb/04/2002576388/825/780/0/210204-S-ZZ999-102.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:180::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c66ce956f39a0d603cc74264d3b5a64b33fcfd06ec5d0ca62233f5ca272eba9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
last-modified: Thu, 04 Feb 2021 23:39:46 GMT
server: Akamai Image Manager
etag: 0x8D8C96602E32306
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, GET
content-type: image/webp
access-control-allow-origin: *, *
cache-control: private, no-transform, max-age=43200
content-length: 106280
expires: Fri, 05 Feb 2021 13:10:24 GMT

GET
H3-Q050 200 finger.jpg
1.bp.blogspot.com/-Uut9yCKUJJE/YByNG4zjQXI/AAAAAAAAqfM/wU06xmOakwwFBCttCwxEtFYEjWyi7YgawCLcBGAsYHQ/s0/ 6 KB
7 KB 40ms
24ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Uut9yCKUJJE/YByNG4zjQXI/AAAAAAAAqfM/wU06xmOakwwFBCttCwxEtFYEjWyi7YgawCLcBGAsYHQ/s0/finger.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

226f316eefd8eaa72793b141b43b90ff6ca2890c1216d8508376d54d40d6e51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 00:35:21 GMT
x-content-type-options: nosniff
age: 2103
content-disposition: inline;filename="finger.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6424
x-xss-protection: 0
server: fife
etag: "va9f4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Feb 2021 00:35:21 GMT

GET
H2 200 Screen%20Shot%202021-01-21%20at%207_48_25%20PM%20(1).jpg
beforeitsnews.com/contributor/upload/724569/images/ 35 KB
35 KB 28ms
23ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202021-01-21%20at%207_48_25%20PM%20(1).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6959f26c381f69096c31a4787e1fd4ee01f9c5d432222cb9a07b323a8bb2af4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2023
cf-polished: origSize=41053, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35604
cf-request-id: 08115690be000097ba5eb5e000000001
last-modified: Thu, 21 Jan 2021 22:07:36 GMT
server: cloudflare
etag: "6009fb28-a05d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 00:36:41 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c0612e0297ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Screen%20Shot%202021-01-16%20at%202_14_12%20AM.jpg
beforeitsnews.com/contributor/upload/724569/images/ 31 KB
31 KB 38ms
33ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202021-01-16%20at%202_14_12%20AM.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6e0bbebc4d5aa64ddf72f267cdb13cc964e8920ade65f3e17080381f1a3aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2415
cf-polished: origSize=36292, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31449
cf-request-id: 08115690bf000097ba70b1a000000001
last-modified: Sat, 16 Jan 2021 00:37:14 GMT
server: cloudflare
etag: "6002353a-8dc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 00:30:09 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c0612e0397ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 /
external-content.duckduckgo.com/iu/ 13 KB
13 KB 141ms
46ms Image
image/jpeg 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse3.mm.bing.net%2Fth%3Fid%3DOIF.HPAM%252bT6LeEJAAQYPWfxl%252fw%26pid%3DApi&f=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

4e555e49fea3722b4d9e27d258bdf38131db6d05f5c592174fde5fb1d0c863c3

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-duckduckgo-locale: en_US
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Fri, 05 Feb 2021 01:10:24 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
expires: Sat, 05 Feb 2022 01:10:24 GMT

GET
H2 200 bitchgone.jpg
beforeitsnews.com/contributor/upload/25041/images/ 18 KB
18 KB 27ms
22ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/25041/images/bitchgone.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f919109538a391b8ade569dcefa011c1926d14399dba2f4d0fbaa3d710bcc08d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2968
cf-polished: origSize=24963, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18035
cf-request-id: 08115690bf000097ba542ac000000001
last-modified: Fri, 05 Feb 2021 00:17:47 GMT
server: cloudflare
etag: "601c8eab-6183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 00:20:55 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c0612e0497ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/iJiO5N_Cv1c/ 34 KB
34 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/iJiO5N_Cv1c/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4098712087ea6cc38f555e0a3009cd4219e9fb2f796234686316c39b3034cb6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:06:24 GMT
x-content-type-options: nosniff
server: sffe
age: 240
etag: "1612463261"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34683
x-xss-protection: 0
expires: Fri, 05 Feb 2021 01:11:24 GMT

GET
H2 200 photo%20(4).jpg
beforeitsnews.com/contributor/upload/106013/images/ 34 KB
35 KB 23ms
19ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/photo%20(4).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f45ae6738727ea1213abd3f100e6a40e0d243ec4b0b02bc0af2d5c9f245bf09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3328
cf-polished: origSize=40023, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35196
cf-request-id: 08115690bf000097ba69909000000001
last-modified: Fri, 05 Feb 2021 00:13:09 GMT
server: cloudflare
etag: "601c8d95-9c57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 00:14:56 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c0612e0597ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Screen%20Shot%202021-01-25%20at%202_07_29%20AM%20(1).jpg
beforeitsnews.com/contributor/upload/724569/images/ 8 KB
8 KB 32ms
28ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202021-01-25%20at%202_07_29%20AM%20(1).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4498a15759375f00881c3f2c4bb34ffef4b149b5bc405f73536c74995c26b5e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:10:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3327
cf-polished: origSize=13300, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7787
cf-request-id: 08115690bf000097ba5c04a000000001
last-modified: Mon, 25 Jan 2021 12:16:14 GMT
server: cloudflare
etag: "600eb68e-33f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 00:14:57 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61c8c0612e0697ba-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://beforeitsnews.com/(Line 490) Message: [Web Cached] Loaded time: 0.00263s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	info	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js(Line 39) Message: adsVideosRotating: id62 views: 8,780.5k
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2021151(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2021151(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.sportradarserving.com
ajax.beforeitsnews.com
ams.creativecdn.com
beforeitsnews.com
blackhammer.org
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.qz.com
contextual.media.net
creativecdn.com
ethan2k21.files.wordpress.com
eus.rubiconproject.com
external-content.duckduckgo.com
fonts.googleapis.com
fonts.gstatic.com
i.imgflip.com
i.ytimg.com
images.fineartamerica.com
img.beforeitsnews.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
l.sharethis.com
littlegreenfootballs.com
lockerdome.com
loopehome.files.wordpress.com
match.adsrvr.org
media.defense.gov
media.mercola.com
media.townhall.com
pagead2.googlesyndication.com
platform-api.sharethis.com
player.vimeo.com
prepareforchange.net
rddywd.com
s-img.mgid.com
s.tradingview.com
s.w.org
s3.amazonaws.com
s3.tradingview.com
secure-assets.rubiconproject.com
secureservercdn.net
servicer.mgid.com
stateofthenation2012.com
static-3.bitchute.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
tse2.explicit.bing.net
tse4.mm.bing.net
video.brighteon.com
www.ancient-origins.net
www.catholicnewsagency.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.henrymakow.com
www.youtube.com
x.bidswitch.net
104.154.142.214
104.16.199.73
104.18.12.238
104.18.255.14
104.19.132.78
104.19.216.61
13.224.194.51
143.204.93.58
151.101.12.217
151.139.242.29
172.217.23.98
172.67.71.40
18.194.183.62
18.195.238.30
184.30.212.16
185.184.8.30
192.0.66.2
192.0.72.23
192.0.72.27
192.0.77.48
192.124.249.61
198.187.29.8
2.18.235.93
204.79.197.201
205.185.216.10
23.79.143.124
2600:9000:20eb:c800:c:abe:f440:93a1
2600:9000:20eb:fa00:d:8a0c:6440:93a1
2600:9000:2156:1a00:c:a9b7:ddc0:93a1
2600:9000:2156:ce00:1c:8a07:5e80:93a1
2606:4700:10::ac43:e6e
2606:4700:20::681a:b4a
2606:4700:3031::ac43:a025
2606:4700:3032::ac43:85f3
2606:4700:3036::6815:3aa9
2606:4700:3037::6815:1aad
2606:4700::6811:e4f
2606:4700::6812:e234
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:800::2016
2a00:1450:4001:801::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9b
2a02:26f0:1700:180::221c
2a02:fe80:1010::16
35.157.252.59
40.114.178.124
50.22.29.15
52.216.200.205
54.74.225.211
64.62.227.17
89.187.169.15
0095361992809440027fa0bf90e1913408348da543e84a6708b3f1d31c67b306
015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123
0277746a76979bf685e56ab2b5f8e3be9f087efa9fa91bf09a1674e0a94a01ff
03158d5b1537e8da50a2f87b297d46e25638c58ae99a29569c99e6850dd8b6fb
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
05dac8b21d1bb8bf3f41528b45d995dc6b5d35fcbf0ed8b55d41175c1dd95155
068fe17f9d43898c88ab0b2bab778b800d9ec0771547e9e73f1502621baa79f1
06f926e3af6282927cbd9206122c2860cc2c7ca80f53bd52db02202dcb174ecd
0bd84f10dadd8fe295d2e95a5afe471e220c056e4fdf9a25397ad3253bb5f3c2
0c75f0b749799d1fd726facc77135059192d137a5c4cf383e502d00252e203e1
0f9337c247b2b62af1529fab8e617616e9a3ac49648f428fe2283e3343a580db
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
14c40e5263a8f53508009bd01fcf1d49ad9b1c37721bfa0c58ac95fa77214c96
1560925b7d4f6a008e0c975ae68e14b58311a7ab03f2c09da2487cf8e8d27aca
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
18a3c7894e521fa5497ddcf946aad178a7e06bc7640b044289c69daceeb47147
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1b344878b924f05bfd27685aa36df479359c2b9d7b045436b3f0a0892d4fc210
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1c0eb3bc2c5243c796ebfa7cbaa244b5c42704bde17f3e907b15ca276f13580a
226f316eefd8eaa72793b141b43b90ff6ca2890c1216d8508376d54d40d6e51d
244d38a9b5430fad05284ad97daf5ef5c25e38c6ca89d89a994dc5c0fc9166e3
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f1e8d25717223a591f7202a1afccb0667906a7b15f2aa74f0cbfbd8118a4fca
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33935025719f5668bfab105458c9ce15c77fc676813cf0bb7ddc29a2c59c3df3
362926319935a032972f367a62efd55cdbc551ef1f582b24ce9d36650fb4bf2a
36fe45df416d7f6e22dcb693f50939a972ee5f50bfb0170e9b83a6415471712f
388169d81bec00c14a9158ff5f9b73cfdc77eccfa3393fbf6e7c3348c3c38641
3c0cc553c498ff457fbbb9f60d9a8373363066c775f33b8210391bfd5609688f
4098712087ea6cc38f555e0a3009cd4219e9fb2f796234686316c39b3034cb6a
40b7ff1a58e925fa577ef6c21abb1dfcef2604bf8d223a061600ba82ff52f04b
40cf9d86931a55c93ef95a7442655a88f07ced4644a2e7529bc417256eca22fc
41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
439b6fdb97bc9ea24774adeb848dda8257db47d657441da21a2b12b0524e4508
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
4498a15759375f00881c3f2c4bb34ffef4b149b5bc405f73536c74995c26b5e3
44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
4a1b09ba304df5768534c1e6aa23bbe6ed336192dee2d39e27c74f960d06456b
4e555e49fea3722b4d9e27d258bdf38131db6d05f5c592174fde5fb1d0c863c3
505ea0787e5fe2cf8f8b3286c7a61448bc151ef12283fcb1b5855a3e796d0494
55e61bcd3be6d263375559e8ca8b06a26c739a1d2efac4e4e04fdb99546a3513
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
595571328b66d274f4f353568ef280fc1a51859a66fc4779de58845d2bf1facb
59ae15be11c0261f3bbaec223dc24efeaa02c5849cb694bb2d9d4cc44b4df5da
5e4981d4fd90b67b9a8a5e60bc448f4076907cf7243e4291236123bf017adae7
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
61d8a192bb4ef46137bb8e534d284fd33f05eee41ff88c0ea7a5cb1d40f513e4
628687525f21ac72c1e10fd3cd8cd2a0224a96a4ff66ebf0dc83b97ce9c3f6af
62d2b8d827407d16f0c4ea40b02e663f97552c466527c69c17ae9fcc17c91f6e
68244f2890e84fcf241404fb1938c2e3facb27fd545954715085ddd460d521de
6959f26c381f69096c31a4787e1fd4ee01f9c5d432222cb9a07b323a8bb2af4e
6d0bab540ac546f46d2b81850328618b4aa75b7eb9c20c5daf54f34a5c510880
6efadce41ae376140acf28c0c20ad12dc8f1aedbb605e458bcb59ed9cf2db21e
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
71977923c7f235060bb27ad59524d3480b7aff4da4af599086999c3a54adccf6
76fbd79c9ed3cd8cba244ef54bcbece1bf28e855a491fbd3d36e4a604d45fe93
776e90e71bdf5486b1f0261db6974fa36031376dcabee2dead18687bfafaf9ea
79492da9b3945b16013aba7030d3a21905165bc4d54d61d8c03d12cf573beec6
794ed15ade471f05ebba7a2e2f4bd92d91090afbabd89932e12de4e3655f8d9a
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7a200701c53c115d1426b0e499872f764a6562e985a39a0796b152b9c31a72ba
7be3885d6747a25b99b829eaa781fd38c633b3b01b5c58f739d43ea85dbac762
7e3820ebfdd5076129bb5835d2b8c717fe408250f79fda123b06b1437ccf5c74
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856d10b22b78d8dca542577503906fdda7c04a04a8e5f6fbfe677c02ab92810b
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42
89528bcd8b91c26ea3c5dfef411e9d32b0a52d250cabe8022c4b05b3cc4404ae
89a343996356dad703421e022aff9a7cc61f444d20b194fcead151f84dcef276
89ec21d8217265ddf4ecd89ea9f2e5e6be59c21a787f8b7fd646c537bad1a9b1
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
8fbb77b467cbfe7549dd7dc65c0a0d5b77e986aa258a47a77470010d4e71a5bf
9068b2a6b26489af1fa3eabd12ba11fdbbb0553d532315446ae4258917d1d508
95618d0ac377efaa3f06e4584315a42de11d69a86e1eaa00cd0ee23b642bad40
9570064e6fc585f34a2f61e1c1af5ba7fb0acab456da0ab42c0fed419da67644
959cae6703049ef4b9e37d46d79ede4c3ac3222c204a381a13332ec5809e2845
95c95715196af2da4ecf5c892a036f2c0307fe3ab4ae35d851a25a52eede3bf9
98868f5f202bcd8f53b5a73532d041ed58a776195e623659f774b90937b8b207
a33751487807231c0f14ca986394e5f717ab8fe31c69687891b78480ed175693
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ab091088c93010fd8f1c582f5ba623f07351a9e688b0f6690d3093c32917378d
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ada575bbeea74f31166efec688e8f9c31a1e4301aef318346d3681f700f72250
b276b12bb10237fd6ac51425e7b513d7e294345c367a58093d4b0c9ea7fba30d
b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25
b49807c7a2b975537a8ef4a7a5790369c7ba710e65056187143b6414830c4d52
b51dde5f4272e0504702b25de61b46de54550e32253ac3fe6ac0f15e7e599cd6
b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08
b9074d7da5376f1e564bf54c78bec23c265d8054a3f2a7f901590c809c9eec20
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bda4f48aa086eae3051a505a9959cf1ae9fab829a934069bdc146547cf79cc6e
be5bf62a8dbfff68f4f1350977c6b1484ee7c0724ccc29fe784998183cc29c0c
be9f2a565ab87f8116aae70b759f704f1a258e8da5e46825f175fa91a130fc7e
c26bd8553b62b335713191c30656c9fa2d2faa96baf8ca6743f486530a41193d
c2c25f05092d541c3344cb084648179134e94e3aa3f2b1a3b12c1a3863b776c8
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
c4c8010d66be65b49eda4373a2f4aa8e04b5b9fa5561670b77e72f12364cc1b9
c66ce956f39a0d603cc74264d3b5a64b33fcfd06ec5d0ca62233f5ca272eba9f
cad278da708c8c2a1769d5fd8a7ef984d3dbf76fb96cda070787254ae1ef7306
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690
cf0086f5776a806a99fc38444a04810c58c397c21b8871096edaaa7b447b14f4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d365fba205ee50dbe24a2d2777f4d8a0e6b2484f0bcf793dc9f2adc49897d113
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
d76ba597d7012b39ab4e5c4255b114e7bdc5a5fbed6d8922e965abeae420024b
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6e0bbebc4d5aa64ddf72f267cdb13cc964e8920ade65f3e17080381f1a3aa9
e0e59b33f190619c0a72f134b8a63462def9238acbed251ef993fc84c6e0c54e
e12fc5c45d6b7d080b9fb966b05d09881f247e55305ca07d1ec82373d6e2828e
e1fed9d75187120ed4d5bd26d17d0ae1dd8106a35cadb68b41ce1bf5fde30c96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e55f74fbd62d2e12800750904cba9f5b4da47182cc2704dc640652280262d537
e61e9c6ed4853d31598d12286fe5377c4920d0e6f52e752eb120983631ac4da8
e79522da1bfba3d9e473e89c22acc561990785d6c5628f3ca41dc4e7dc05fcdb
e85c96975ada9e742e0c39ae4514eca0002dd691af8bc9985b520075448eb3de
e8f71d717299c94a1d30d2380550fb8af3737611e5a8378d1dc3db7215817024
ea21f3eca0723de189c15c61888b5ebc021f77a400e50801127d517b5e65aafb
ea9ce06246d31d59700d89b789d5d60a8d7ba7f63f5d5ecf5889c1ca47254b2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6ca76bbf27ac0912865f224b2ca9ccb1a6e188c1c234095d15859d1993f04
f2506375ce559d28ffa2b97de4ef3fe072addc170d51816a3b50d8b762efa9b5
f45ae6738727ea1213abd3f100e6a40e0d243ec4b0b02bc0af2d5c9f245bf09c
f8305717a1089983216945f1a09aca0ff5b8f33be027576e96a727c97bfeb60d
f919109538a391b8ade569dcefa011c1926d14399dba2f4d0fbaa3d710bcc08d
f91dd008629b885ba10c558f0b49cfe259f71df735caa798e9985d63ee0c499c
f926e83a74c520528b57f528791861d174476117e8ae480006ae3c34530cbb30
f9638ac5f9e74d16bf3a2e36eafd7b1b321fcff1e6b8a3b578f43f1d55867a88
ff30fda898941127cda08918b2972b41679d62ba1b12ea9acc8ad544d4f2e372

beforeitsnews.com Open in urlscan Pro 2606:4700:10::ac43:e6e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

172 Requests

100 %HTTPS

47 %IPv6

51 Domains

70 Subdomains

57 IPs

8 Countries

20685 kBTransfer

21771 kBSize

0 Cookies

29 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

100 %
HTTPS

47 %
IPv6

51
Domains

70
Subdomains

57
IPs

8
Countries

20685 kB
Transfer

21771 kB
Size

0
Cookies

172 HTTP transactions
3 data transactions