beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beforeitsnews.com/
Submission Tags: falconsandbox
Submission: On February 05 via api (February 5th 2021, 8:43:05 pm UTC) from US

Summary HTTP 173 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 57 IPs in 9 countries across 53 domains to perform 173 HTTP transactions. The main IP is 2606:4700:10::ac43:e6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
56	2606:4700:10:... 2606:4700:10::ac43:e6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.102.111 13.224.102.111	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:1be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.40.36.137 89.40.36.137	50939 (SPACE-AS) (SPACE-AS)
1	2606:4700::68... 2606:4700::6811:a64e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.217.76.246 52.217.76.246	16509 (AMAZON-02) (AMAZON-02)
3	104.18.64.15 104.18.64.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
9	185.59.220.194 185.59.220.194	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
3	2606:4700:303... 2606:4700:3031::ac43:a025	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
2	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2600:9000:20e... 2600:9000:20eb:6200:10:6147:ef80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.18.13.238 104.18.13.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:85f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:1600:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.93.118 143.204.93.118	16509 (AMAZON-02) (AMAZON-02)
1	13.224.102.13 13.224.102.13	16509 (AMAZON-02) (AMAZON-02)
4	64.62.227.19 64.62.227.19	6939 (HURRICANE) (HURRICANE)
21	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::ac43:8a23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:219... 2600:9000:2190:1200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:de00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.124.48.224 3.124.48.224	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 1	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5 5	18.195.193.185 18.195.193.185	16509 (AMAZON-02) (AMAZON-02)
1 2	213.19.147.151 213.19.147.151	26120 (RHYTHMONE) (RHYTHMONE)
1 1	13.225.78.65 13.225.78.65	16509 (AMAZON-02) (AMAZON-02)
2 2	52.209.120.242 52.209.120.242	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2620:12a:8001::3 2620:12a:8001::3	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3036::6815:3aa9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.138.190 104.18.138.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:1a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.196.223.136 205.196.223.136	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1	2a02:26f0:710... 2a02:26f0:7100:2af::3134	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3032::ac43:bbd0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e4:... 2606:4700:e4::ac40:a51e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:7d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.124.249.17 192.124.249.17	30148 (SUCURI-SEC) (SUCURI-SEC)
1	40.114.178.124 40.114.178.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
173	57

56 2606:4700:10::ac43:e6e (United States)

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-111.zrh50.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:1be (United States)

ASN13335 (CLOUDFLARENET, US)

sonsoflibertymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.40.36.137 (Romania)

ASN50939 (SPACE-AS, RO)
PTR: amg-news.com

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:a64e (United States)

ASN13335 (CLOUDFLARENET, US)

video.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.76.246 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.64.15 (United States)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-194.datapacket.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:a025 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fe80:1010::16 (United Kingdom)

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:6200:10:6147:ef80:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.paradigm.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.238 (United States)

ASN13335 (CLOUDFLARENET, US)

media.mercola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:85f3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.henrymakow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

cms.qz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:1600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-118.fra50.r.cloudfront.net

www.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-13.zrh50.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.62.227.19 (United States)

ASN6939 (HURRICANE, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:8a23 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:1200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:de00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.48.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.143.124 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.193.185 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.65 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.120.242 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:12a:8001::3 (United States)

ASN54113 (FASTLY, US)

www.freedomworks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:3aa9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.catholicnewsagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.138.190 (United States)

ASN13335 (CLOUDFLARENET, US)

selwynduke.typepad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1a64 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ammoland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.196.223.136 (Brea, United States)

ASN26347 (DREAMHOST-AS, US)

www.thepiratescove.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:2af::3134 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:bbd0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wklaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a51e (United States)

ASN13335 (CLOUDFLARENET, US)

www.universetoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:7d5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.odditycentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.17 (United States)

ASN30148 (SUCURI-SEC, US)

gellerreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.114.178.124 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

external-content.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	beforeitsnews.com beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com	1 MB
21	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	250 KB
9	bitchute.com static-3.bitchute.com	381 KB
8	youtube.com img.youtube.com www.youtube.com	129 KB
8	googleapis.com fonts.googleapis.com www.googleapis.com translate.googleapis.com	100 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	41 KB
3	ammoland.com www.ammoland.com	78 KB
3	google.com www.google.com translate.google.com	3 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
3	jamesredpillsamerica.com jamesredpillsamerica.com	16 MB
3	imgflip.com i.imgflip.com	261 KB
2	catholicnewsagency.com www.catholicnewsagency.com	40 KB
2	googleusercontent.com lh3.googleusercontent.com	317 KB
2	lockerdome.com lockerdome.com
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	rddywd.com rddywd.com	1 KB
2	secureservercdn.net secureservercdn.net	48 KB
2	ytimg.com i.ytimg.com	33 KB
2	w.org s.w.org	1 KB
2	brighteon.com video.brighteon.com www.brighteon.com	17 KB
2	tradingview.com s3.tradingview.com s.tradingview.com	11 KB
1	duckduckgo.com external-content.duckduckgo.com	42 KB
1	gellerreport.com gellerreport.com	242 KB
1	odditycentral.com www.odditycentral.com
1	universetoday.com www.universetoday.com	20 KB
1	wklaw.com www.wklaw.com	15 KB
1	cnn.com cdn.cnn.com	275 KB
1	thepiratescove.us www.thepiratescove.us	889 KB
1	typepad.com selwynduke.typepad.com	3 KB
1	freedomworks.org www.freedomworks.org
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	smadex.com 1 redirects cm.smadex.com	524 B
1	1rx.io sync.1rx.io	187 B
1	unrulymedia.com 1 redirects usermatch.targeting.unrulymedia.com	342 B
1	lentainform.com cm.lentainform.com	623 B
1	idealmedia.io cm.idealmedia.io	555 B
1	google.de www.google.de	505 B
1	consensu.org c.sharethis.mgr.consensu.org
1	googlesyndication.com pagead2.googlesyndication.com	48 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	qz.com cms.qz.com	61 KB
1	henrymakow.com www.henrymakow.com	439 KB
1	mercola.com media.mercola.com	35 KB
1	paradigm.press media.paradigm.press	4 KB
1	amazonaws.com s3.amazonaws.com	23 KB
1	amg-news.com amg-news.com	626 KB
1	sonsoflibertymedia.com sonsoflibertymedia.com	927 KB
173	53

	Domain	Requested by
32	beforeitsnews.com	beforeitsnews.com
24	img.beforeitsnews.com	beforeitsnews.com
10	s-img.mgid.com	beforeitsnews.com
9	static-3.bitchute.com	beforeitsnews.com
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc beforeitsnews.com
6	cm.mgid.com	jsc.mgid.com beforeitsnews.com
6	img.youtube.com	beforeitsnews.com
5	x.bidswitch.net	5 redirects
4	ajax.beforeitsnews.com	beforeitsnews.com
3	www.ammoland.com
3	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com
3	jamesredpillsamerica.com	beforeitsnews.com
3	i.imgflip.com	beforeitsnews.com
2	www.catholicnewsagency.com
2	lh3.googleusercontent.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	www.gstatic.com	translate.googleapis.com
2	match.adsrvr.org	2 redirects
2	www.google.com	beforeitsnews.com
2	servicer.mgid.com	jsc.mgid.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	rddywd.com	beforeitsnews.com
2	jsc.mgid.com	beforeitsnews.com
2	www.youtube.com	beforeitsnews.com
2	secureservercdn.net	beforeitsnews.com
2	i.ytimg.com	beforeitsnews.com
2	s.w.org	beforeitsnews.com
1	external-content.duckduckgo.com
1	gellerreport.com
1	www.odditycentral.com
1	www.universetoday.com
1	www.wklaw.com
1	cdn.cnn.com
1	www.thepiratescove.us
1	selwynduke.typepad.com
1	www.freedomworks.org
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	cm.smadex.com	1 redirects
1	sync.1rx.io	beforeitsnews.com
1	usermatch.targeting.unrulymedia.com	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.lentainform.com	beforeitsnews.com
1	cm.g.doubleclick.net	1 redirects
1	cm.idealmedia.io	beforeitsnews.com
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.google.de	beforeitsnews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	l.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	cdn.mgid.com	beforeitsnews.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	s.tradingview.com	s3.tradingview.com
1	www.brighteon.com	beforeitsnews.com
1	platform-api.sharethis.com	beforeitsnews.com
1	www.googletagmanager.com	beforeitsnews.com
1	cms.qz.com	beforeitsnews.com
1	www.henrymakow.com	beforeitsnews.com
1	media.mercola.com	beforeitsnews.com
1	media.paradigm.press	beforeitsnews.com
1	s3.amazonaws.com	beforeitsnews.com
1	video.brighteon.com	beforeitsnews.com
1	amg-news.com	beforeitsnews.com
1	sonsoflibertymedia.com	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
173	71

This site contains links to these domains. Also see Links.

Domain
www.herbanomic.com
mitocopper.com
tinyurl.com
eae4b40pdp-1n69sysld-70zex.hop.clickbank.net
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net
11156t1kflu2j2b9bl18ojz-zi.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net
widgets.mgid.com
brainberries.co
6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net
www.fincabayano.net
polaraidhealth.com
www.braintuner.com
telegram.org
t.me
feff9ztmoi36r402y32b01xx44.hop.clickbank.net
401c9z7sokw8o71org6pr43wcw.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.tradingview.com Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
amg-news.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
static-3.bitchute.com R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
secureservercdn.net Starfield Secure Certificate Authority - G2	`2020-06-26` - `2021-06-26`	a year	crt.sh
media.paradigm.press Amazon	`2020-12-11` - `2022-01-09`	a year	crt.sh
mercola.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
cms.qz.com R3	`2021-02-04` - `2021-05-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
brighteon.com Amazon	`2020-08-21` - `2021-09-20`	a year	crt.sh
beforeitsnews.com R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
freedomworks.org R3	`2021-01-30` - `2021-04-30`	3 months	crt.sh
ssl919196.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-28` - `2021-05-06`	6 months	crt.sh
*.ammoland.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
www.thepiratescove.us R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
www.turner.com GlobalSign RSA OV SSL CA 2018	`2020-11-02` - `2021-12-04`	a year	crt.sh
gellerreport.com Go Daddy Secure Certificate Authority - G2	`2020-05-13` - `2021-05-13`	a year	crt.sh
*.duckduckgo.com DigiCert SHA2 Secure Server CA	`2020-10-09` - `2021-11-10`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: BEFE4660A3B79A6A5C4B7CFDE27B8FA2
Requests: 158 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZVcEsa5BFKM
Frame ID: C7943B444785FF6851C55774749BFD2F
Requests: 1 HTTP requests in this frame

Frame: https://www.brighteon.com/embed/797d2448-5994-43c4-8acd-7387828d4dbd
Frame ID: A274C42604655B7A160DBA5C7DFA45D2
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/O269cn5aS0A
Frame ID: A6E71E6C145C355A0272CDF788B115F1
Requests: 1 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: BEDED58DCA98A36B1A1CB028F3B23833
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211520
Frame ID: 176101A0D8D84092DCFE5BC621529556
Requests: 2 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211520
Frame ID: C663D08D65F30F2CD66BFD844B973857
Requests: 5 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 12FA3BC19B2EC10706E79782567BEE36
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1612557759792922055046
Frame ID: 911E4B15AFEDF9A5F27E79E90D2AA6FE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: F98EB17772F34A15E5005602E3A50AD6
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: DF004AB8517634AD84B8D99C2D05F6ED
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: BEBB4DB4257DAF59FE1AF8C0BA732D9B
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 88BDABE982164142B3C6CDF7A8A7F6C6
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 28DEFDE44823C6CB3D95552A71C2EC2B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

173
Requests

100 %
HTTPS

53 %
IPv6

53
Domains

71
Subdomains

57
IPs

9
Countries

22931 kB
Transfer

24009 kB
Size

5
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomic.com/productdirectory
Title: Shopping

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/herbanomic-fulvic-humic-complex/
Title: Deep Sleep - Energy - Vitality -- This Trace Mineral Complex Will Change How You Feel

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/vars-liposomal-glutathione-mint-burst/
Title: THIS is Why Glutathione is Called the Miracle Molecule for Health and Anti-Aging! (VIDEO)

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y3wnvggc

Search URL Search Domain Scan URL

URL: https://eae4b40pdp-1n69sysld-70zex.hop.clickbank.net/?tid=BINBAN500

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: How To Easily Manifest Anything You Wish Using Quantum Physics

Search URL Search Domain Scan URL

URL: https://50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net/?tid=BINRTL21129
Title: Have You Been Struggling With Obesity But Can’t Figure Out Why? You MUST Watch This Now!

Search URL Search Domain Scan URL

URL: https://11156t1kflu2j2b9bl18ojz-zi.hop.clickbank.net/?tid=BINRTL2121320
Title: Learn How a 70-Year-Old Veteran Built a Small Nuclear Root Cellar (Bunker) in His Backyard With Only $421

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net/?tid=BINPTL
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/top-10-most-romantic-nations-in-the-world/

Search URL Search Domain Scan URL

URL: https://6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net/?tid=BINRTL1025
Title: Learn How To Manifest Anything You Desire In Life. Click Here For Proof

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/ultracur-bioavailable-curcumin-complex/

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/
Title:

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/
Title:

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex
Title: THIS Humic Fulvic Complex Has Provided Major Health Benefits To Thousands. (See VIDEO)

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/the-top-10-highest-paid-football-players-in-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/10-of-the-strongest-women-in-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/6-amazing-facts-about-hurricanes/

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://feff9ztmoi36r402y32b01xx44.hop.clickbank.net/?tid=BINRTL1
Title: I Killed Bruce Lee with the Death Touch - Caution: Don't Use it Unless Your Life is in DANGER!

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNewsGroup
Title: CHAT/CONTRIBUTE ON TELEGRAM - https://t.me/BeforeitsNewsGroup

Search URL Search Domain Scan URL

URL: https://mitocopper.com/
Title: Patented Copper Supplement! You'll Never Believe What It Does Until You See the Blood Video!

Search URL Search Domain Scan URL

URL: https://401c9z7sokw8o71org6pr43wcw.hop.clickbank.net/?tid=BINRTL11129
Title: NEW Breakthrough Product Helps You To Look and Feel Better GUARANTEED! Must-See Video

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Try This Discreet Weapon - They'll Never See It Coming Until They Are On The Ground and Can't Move!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDE1RGxhdENtakdj&muidn=l15DlatCmjGc HTTP 302
https://cm.mgid.com/google?muidn=l15DlatCmjGc&google_ula={guid},5&google_gid=CAESEI8PNbEcLSBjMMnmEK-aziQ&google_cver=1

Request Chain 119

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=zLX31945Wgo112QNaRyT&pi=mgid&tc=1

Request Chain 120

https://x.bidswitch.net/sync?dsp_id=303&user_id=l15DlatCmjGc HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l15DlatCmjGc HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/6828c612-c085-432b-8f5f-d88acdca56a1?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/6828c612-c085-432b-8f5f-d88acdca56a1?gdpr=&gdpr_consent=

Request Chain 121

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=6828c612-c085-432b-8f5f-d88acdca56a1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=e35c206f-ef0b-4024-a6d6-cf9abb63a97e&expires=10&ssp=mgid&bsw_param=6828c612-c085-432b-8f5f-d88acdca56a1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=6828c612-c085-432b-8f5f-d88acdca56a1&gdpr=&gdpr_consent=&us_privacy=

Request Chain 122

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=e5a721f7-f768-43e3-9f75-400b135cf437&ttl=1615149760

173 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beforeitsnews.com/ 118 KB
23 KB 759ms
737ms Document
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0cbf9593925e2b9245b497461b1ff6566672aa9d789212a39952fa00a0bca86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dfc4a69c99c991b50d024dd44173337eb1612557757; expires=Sun, 07-Mar-21 20:42:37 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s3; path=/ __cflb=0H28vyGHkAVLrvrHtVehKp3KVyBdeBAXtcCRpyirW1u; SameSite=Lax; path=/; expires=Fri, 05-Feb-21 23:00:38 GMT; HttpOnly
cf-ray: 61cf75818f4dbec9-FRA
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
cf-request-id: 081587c4f50000bec91d9d6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 22ms
20ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 2878745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DW2R7TEKEY2K8GBT
x-amz-id-2: sE/VEXxbhMuTCuCQsmC2BptgO/V1s2PsNZ5yq95p3IzbnVwO15xXAM+hmbc4SCny4GEWo4j01Uw=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"165501590067c5189e81c831f77f81ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tjjN.jFT95DY_pkhk6.cTP9tpZK602Ny
cf-request-id: 081587c7e40000bec92180a000000001
cf-ray: 61cf758639bbbec9-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
712 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 20:42:38 GMT
server: ESF
date: Fri, 05 Feb 2021 20:42:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Feb 2021 20:42:38 GMT

GET
H2 200 global-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 15 KB
3 KB 31ms
29ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254069
cf-polished: origSize=15665
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587c7e30000bec917022000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-3d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf758639b7bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:29 GMT

GET
H2 200 fancybox-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 58ms
57ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254069
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587c7e40000bec90e9e9000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf758639b8bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:29 GMT

GET
H2 200 home-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 28 KB
6 KB 30ms
28ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254028
cf-polished: origSize=29022
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587c7e40000bec9111cf000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-715e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf758639b9bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:22:10 GMT

GET
H2 200 responsive-bin-rev-20210122.css
beforeitsnews.com/static/css-v3/ 20 KB
3 KB 44ms
43ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20210122.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a200701c53c115d1426b0e499872f764a6562e985a39a0796b152b9c31a72ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254069
cf-polished: origSize=20176
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587c7e40000bec93600f000000001
last-modified: Fri, 22 Jan 2021 08:20:09 GMT
server: cloudflare
etag: W/"600a8ab9-4ed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf758639babec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:29 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 33ms
32ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 200240
cf-polished: origSize=149701
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587c7e50000bec937b53000000001
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf758639bcbec9-FRA
expires: Wed, 10 Feb 2021 13:05:17 GMT

GET
H2 200 global-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 19 KB
5 KB 38ms
37ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0e59b33f190619c0a72f134b8a63462def9238acbed251ef993fc84c6e0c54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254046
cf-polished: origSize=19786
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587c7e50000bec92e3c8000000001
last-modified: Fri, 22 Jan 2021 08:19:29 GMT
server: cloudflare
etag: W/"600a8a91-4d4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf758639bdbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:52 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 53ms
44ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 164722
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
cf-request-id: 081587c8260000bec917024000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 22:57:16 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7586a9dfbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 87ms
22ms Script
text/javascript 13.224.102.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-111.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 10:22:06 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
last-modified: Fri, 05 Feb 2021 10:22:02 GMT
server: AmazonS3
age: 37233
etag: "434a3d44a3079aedd890448838582f6c"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 11415
x-amz-cf-id: J6Dpq3du66UbD7ihnUGTNvNJFGjPrd7cXaZmJ1AFFYj-6_kgkQhKhg==

GET
H2 200 868987f3dd50f8d2ad1b88f292f80750.png
sonsoflibertymedia.com/wp-content/uploads/2021/02/ 925 KB
927 KB 61ms
30ms Image
image/png 2606:4700:20::681a:1be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonsoflibertymedia.com/wp-content/uploads/2021/02/868987f3dd50f8d2ad1b88f292f80750.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d17b23bd085ec78f7c0b3b32343d0326e59a88f523931d3af6d2c95fbb92bf1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 20405
x-fw-server: Flywheel/4.1.0
x-cache: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DKNjJGDtO3uDGH%2BsagdQPqY9SJr95I59FjXpSLGo2fLZDrJ8bO1RfppX%2BHJ%2FRswczLEfojR%2FY3hI0dwwLivLxG%2FuCOkjjYjX2%2Fsm%2FbsF9LOK5rVf3pR8P3Xau8kEZSRTrxA%2F"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 946913
cf-request-id: 081587c849000005c8df35e000000001
magicmarker: 1
last-modified: Fri, 05 Feb 2021 15:01:20 GMT
server: cloudflare
etag: "601d5dc0-e72e1"
x-fw-hash: soth990flu
nel: {"max_age":604800,"report_to":"cf-nel"}
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-fw-serve: TRUE
x-fw-type: VISIT
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 61cf7586d87005c8-FRA

GET
H2 200 maxresdefault(146).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 19 KB
19 KB 49ms
37ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/maxresdefault(146).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c51c8d3d2763a08c5bad33551b731b79aa593655637fee6809c3a04788d0bcb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 14922
cf-polished: origSize=20112, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19243
cf-request-id: 081587c8370000bec93389d000000001
last-modified: Fri, 05 Feb 2021 16:22:26 GMT
server: cloudflare
etag: "601d70c2-4e90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 16:33:56 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7586b9eabec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 2323.png
amg-news.com/wp-content/uploads/2021/02/ 625 KB
626 KB 257ms
91ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/02/2323.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS: amg-news.com
Software: LiteSpeed /
Resource Hash: 43f28454fffdac3d5c82791d1a3e2ee69071bd6a200e6248af9fb6dd90a1c869

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
last-modified: Fri, 05 Feb 2021 14:07:52 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 640286
expires: Fri, 12 Feb 2021 20:42:38 GMT

GET
H2 200 1107f4bd-d8d7-4aec-b024-af71a9c9dfe8.0000001.jpg
video.brighteon.com/file/Brighteon-staging/poster/ 16 KB
17 KB 67ms
37ms Image
image/jpeg 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.brighteon.com/file/Brighteon-staging/poster/1107f4bd-d8d7-4aec-b024-af71a9c9dfe8.0000001.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8f71d717299c94a1d30d2380550fb8af3737611e5a8378d1dc3db7215817024

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
x-bz-file-id: 4_z88b2c91b4a10c84b66a40e17_f10594b2a69558447_d20210115_m191649_c002_v0001135_t0054
age: 983
x-bz-content-sha1: unverified:4adfd30e8cb06673c010cd59b45029b2116bb217
x-bz-file-name: poster/1107f4bd-d8d7-4aec-b024-af71a9c9dfe8.0000001.jpg
content-length: 16786
cf-request-id: 081587c84900002c3a44bc1000000001
x-bz-upload-timestamp: 1610738209000
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 61cf7586de3c2c3a-FRA
expires: Sat, 06 Feb 2021 00:42:38 GMT

GET
H/1.1 200
OK 32218847-5296-4726-82d4-f25e90181c55
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/ 23 KB
23 KB 591ms
132ms Image
image/jpeg 52.217.76.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/32218847-5296-4726-82d4-f25e90181c55
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.76.246 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6613640a08a451faae58c948547c57708fec95caed47929cd8aa5dac75df08b2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 20:42:40 GMT
Last-Modified: Fri, 05 Feb 2021 09:41:46 GMT
Server: AmazonS3
x-amz-request-id: 1C92739A984682C1
ETag: "8670b2b1b5aaf0d6931a1750e40922ea"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 23261
x-amz-id-2: nyZ2IGDgGoEbc7FBkDAjxj489CnFm0B/210aGWrZHpYeXwAmQ3yEN2JPc0NtjcVeV8ydvLYv6kM=

GET
H2 200 4wtvnr.jpg
i.imgflip.com/ 87 KB
88 KB 100ms
36ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4wtvnr.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ee7ecb55d2cbc041bc7460df78fcc5480137b8faeb9a9db26440ee7bbd556b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
age: 19246
cf-polished: origSize=90470
cf-ray: 61cf75872f1d2325-ZRH
content-length: 89534
x-amz-id-2: OZzH6vmVhAP9WPAvATdA2Bn/HimMDEyJ1m3VF8P3JigtqJagiBCwu2LMh08WYVJLP9bOM7S6smU=
last-modified: Fri, 05 Feb 2021 15:17:31 GMT
server: cloudflare
etag: "d914ac37edd9b1298f31babb636491a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 9BD9D63A14B3D362
access-control-allow-origin: *
expires: Mon, 03 Feb 2031 20:42:38 GMT
cache-control: public, max-age=315360000
cf-request-id: 081587c87700002325133ba000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/4KBlBdOGkUg/ 9 KB
9 KB 40ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/4KBlBdOGkUg/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18a3c7894e521fa5497ddcf946aad178a7e06bc7640b044289c69daceeb47147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:38:09 GMT
x-content-type-options: nosniff
server: sffe
age: 269
etag: "1612453165"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8851
x-xss-protection: 0
expires: Fri, 05 Feb 2021 20:43:09 GMT

GET
H2 200 4wtzhr.jpg
i.imgflip.com/ 130 KB
131 KB 180ms
116ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4wtzhr.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351510c7652e68eb4eb0ea1c2c8567cc2ca78f0d709c90496e35ecaaae9ae480

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
age: 17984
cf-polished: origSize=134624
cf-ray: 61cf75872f1f2325-ZRH
content-length: 133296
x-amz-id-2: GJ9JklSIqzwc+zO2+lVQ/6qSsyfkZ2+bN4iQKdCtcEAB8+bCA3JfY++TAb6H0HixUy6oIpMISoE=
last-modified: Fri, 05 Feb 2021 15:37:14 GMT
server: cloudflare
etag: "c6e3dc20a1114273c625bd79b45564ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 47CFA68C0291B26E
access-control-allow-origin: *
expires: Mon, 03 Feb 2031 20:42:38 GMT
cache-control: public, max-age=315360000
cf-request-id: 081587c877000023250d0c1000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 1f449.svg
s.w.org/images/core/emoji/13.0.1/svg/ 563 B
571 B 73ms
23ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/1f449.svg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 awQH8SdzUiQDFDvCytWP7j5V_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 36 KB
36 KB 212ms
141ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/awQH8SdzUiQDFDvCytWP7j5V_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

e9e910479dc600f25b5abc21005a63f2025854fc12b887c76fdaf524902bcc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx000000000000021bd4fab-00601c944b-43ba6e0-nyc3a
cdn-cachedat: 2021-02-05 01:41:47
cdn-pullzone: 89010
content-length: 36802
last-modified: Fri, 05 Feb 2021 00:11:34 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: a9ce1e872bfdfd736c6863e3f831ecf4
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/w3vY3yHkPtc/ 28 KB
29 KB 48ms
26ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/w3vY3yHkPtc/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9570064e6fc585f34a2f61e1c1af5ba7fb0acab456da0ab42c0fed419da67644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1612330039"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29060
x-xss-protection: 0
expires: Fri, 05 Feb 2021 20:47:38 GMT

GET
H2 200 unnamed(66).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 19 KB
19 KB 29ms
23ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnamed(66).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76bf1ebbc8d602065e964581e59c018d8a5e120cb62e2e87a8ddd24068b6e056

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 8447
cf-polished: origSize=23813, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19619
cf-request-id: 081587c86b0000bec93091b000000001
last-modified: Fri, 05 Feb 2021 18:10:56 GMT
server: cloudflare
etag: "601d8a30-5d05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 18:21:50 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75871a07bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/FN14GiC_Fzo/ 27 KB
27 KB 31ms
26ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/FN14GiC_Fzo/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04e655006c626c5248f84f225d7a61788dd14781e1d4dc7e520316e8f4f2e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
x-content-type-options: nosniff
server: sffe
etag: "1612533651"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
expires: Fri, 05 Feb 2021 20:47:38 GMT

GET
H2 200 A_Capitol_Bldg.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 43 KB
44 KB 29ms
29ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/A_Capitol_Bldg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b276b12bb10237fd6ac51425e7b513d7e294345c367a58093d4b0c9ea7fba30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 604406
cf-polished: origSize=47160, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44528
cf-request-id: 081587c8700000bec92e3cc000000001
last-modified: Fri, 29 Jan 2021 20:41:26 GMT
server: cloudflare
etag: "601472f6-b838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 29 Jan 2022 20:49:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75871a0ebec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 42 KB
43 KB 96ms
72ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-01-26 13:45:38
cdn-pullzone: 89010
content-length: 43209
x-amz-request-id: tx00000000000001c3068ef-0060100ef2-43b5652-nyc3a
last-modified: Tue, 26 Jan 2021 11:28:15 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 6887e340b22a5779e66babc97faf51c7
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 Virus8.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 18 KB
19 KB 26ms
24ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/Virus8.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46f5b070b526e1352ce3a34be80ac2e21fb626d7d2ed742ae583537197782abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5839
cf-polished: origSize=19584, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18882
cf-request-id: 081587c8860000bec936016000000001
last-modified: Mon, 24 Feb 2020 17:40:58 GMT
server: cloudflare
etag: "5e540aaa-4c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 19:05:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75873a13bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 FIRING-SQUADS.jpg
jamesredpillsamerica.com/images/ 855 KB
857 KB 80ms
13ms Image
image/jpeg 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/FIRING-SQUADS.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0277746a76979bf685e56ab2b5f8e3be9f087efa9fa91bf09a1674e0a94a01ff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 80109
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 875842
cf-request-id: 081587c8cb0000dfd3ab1a5000000001
last-modified: Thu, 04 Feb 2021 22:23:54 GMT
server: cloudflare
etag: "601c73fa-d5d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FRdq8jen1SUJqvhJlI8uPSNa8bcnIEOk1VXTR9CkZS8ggJib8aSoprYwnswug3IlWxhmTsLanwcU9qb9sv4fJfVpdAeI%2FaLD1g1RnlAjZoaw9k7dk1t1SI4Mp1FQc65W68%2FpH48%3D"}]}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7587aa01dfd3-FRA
expires: Fri, 04 Feb 2022 22:27:29 GMT

GET
H2 200 Happy-Sunday.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 45 KB
45 KB 61ms
60ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Happy-Sunday.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce9dac4d65255594816786dd6a3b810bfe4795a5e1780e9f74fb5637d0bf8e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 347879
cf-polished: origSize=46170, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45636
cf-request-id: 081587c88c0000bec92eba9000000001
last-modified: Thu, 21 Jan 2021 16:49:28 GMT
server: cloudflare
etag: "6009b098-b45a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 20:04:39 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75874a1abec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 49tE7hX1IFRt_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 23 KB
24 KB 77ms
60ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/49tE7hX1IFRt_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

f91dd008629b885ba10c558f0b49cfe259f71df735caa798e9985d63ee0c499c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-05 00:54:18
cdn-pullzone: 89010
content-length: 23646
x-amz-request-id: tx000000000000021b888dc-00601c892a-43ba6e0-nyc3a
last-modified: Thu, 04 Feb 2021 23:47:16 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: fd95f0a162ff740ec84066dc7a998b6b
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 96qnv7cQGkIsf1jDw3hK1WMl_small.jpg
static-3.bitchute.com/live/channel_images/MKanl25dSUxl/ 13 KB
14 KB 159ms
142ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/channel_images/MKanl25dSUxl/96qnv7cQGkIsf1jDw3hK1WMl_small.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

14c40e5263a8f53508009bd01fcf1d49ad9b1c37721bfa0c58ac95fa77214c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000001fcde686-006017fa8c-43b5652-nyc3a
cdn-cachedat: 2021-02-01 13:56:44
cdn-pullzone: 89010
content-length: 13518
last-modified: Sat, 14 Sep 2019 12:52:12 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: ec26c697bb8ded71c707fb3edf0a6a4e
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 CCPPedoJoe(1).png
img.beforeitsnews.com/contributor/upload/713008/images/ 70 KB
70 KB 63ms
62ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/713008/images/CCPPedoJoe(1).png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe5d218d9dcf0c3f7966c738588c89a1e0e5677c11a4dd4bb2e8c91cc5040076

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 9716
cf-polished: origFmt=png, origSize=85523
content-disposition: inline; filename="CCPPedoJoe(1).webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71288
cf-request-id: 081587c8900000bec92ebaa000000001
last-modified: Fri, 05 Feb 2021 17:42:54 GMT
server: cloudflare
etag: "601d839e-14e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 18:00:41 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75874a1bbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault(287).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 14 KB
15 KB 22ms
21ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(287).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 430828
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14766
cf-request-id: 081587c88c0000bec9290b6000000001
last-modified: Fri, 14 Aug 2020 20:18:17 GMT
server: cloudflare
etag: "5f36f189-39ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 31 Jan 2022 21:02:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75874a1cbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 three-amigos.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 51 KB
51 KB 58ms
57ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/three-amigos.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0cc553c498ff457fbbb9f60d9a8373363066c775f33b8210391bfd5609688f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 173180
cf-polished: origSize=54717, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51752
cf-request-id: 081587c88c0000bec93091c000000001
last-modified: Wed, 03 Feb 2021 20:27:27 GMT
server: cloudflare
etag: "601b072f-d5bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 20:36:18 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75874a1dbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5Yxr1eTDCqJKoeKbVnClNXmZ_640x360.jpg
static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/ 37 KB
38 KB 158ms
141ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/5Yxr1eTDCqJKoeKbVnClNXmZ_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

1560925b7d4f6a008e0c975ae68e14b58311a7ab03f2c09da2487cf8e8d27aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx000000000000007db5efe-0060143b2c-46b98f5-nyc3a
cdn-cachedat: 2021-01-29 17:43:24
cdn-pullzone: 89010
content-length: 38380
last-modified: Fri, 29 Jan 2021 15:31:41 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 3a6b64278e3f4f9588f950f56908fa02
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 8e75e7e3-ad25-4132-b185-87972f6adc9e-1.jpg
img.beforeitsnews.com/contributor/upload/724569/images/ 47 KB
47 KB 47ms
45ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/724569/images/8e75e7e3-ad25-4132-b185-87972f6adc9e-1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28e52d976c97e7e195c869d0a3b8c502429ed84dd0c18f7bb7a932f3fcdf7f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2236280
cf-polished: origSize=53307, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47811
cf-request-id: 081587c8a20000bec90e001000000001
last-modified: Sat, 15 Aug 2020 08:05:22 GMT
server: cloudflare
etag: "5f379742-d03b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75876a21bec9-FRA
expires: Mon, 10 Jan 2022 23:31:18 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/bQbXxrEcI4s/ 18 KB
18 KB 84ms
16ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/bQbXxrEcI4s/mqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea21f3eca0723de189c15c61888b5ebc021f77a400e50801127d517b5e65aafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1612422129"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18597
x-xss-protection: 0
expires: Fri, 05 Feb 2021 20:47:38 GMT

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 36ms
30ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 173057
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
cf-request-id: 081587c8cf0000bec927363000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 20:38:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7587ba40bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 unnamed%20(2)(10).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 55 KB
56 KB 32ms
30ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnamed%20(2)(10).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7be3885d6747a25b99b829eaa781fd38c633b3b01b5c58f739d43ea85dbac762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 181297
cf-polished: origSize=58789, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56696
cf-request-id: 081587c8d00000bec9240d0000000001
last-modified: Wed, 03 Feb 2021 17:59:19 GMT
server: cloudflare
etag: "601ae477-e5a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 18:21:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7587ba41bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Bethea-MarjorieTaylorGreene.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 33 KB
34 KB 29ms
28ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Bethea-MarjorieTaylorGreene.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85e28d7be70e582af44f3acd1f08a6aba0669da01f3b655b624b447ebc4e5ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6405
cf-polished: origSize=35959, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34213
cf-request-id: 081587c8d00000bec921813000000001
last-modified: Fri, 05 Feb 2021 18:54:26 GMT
server: cloudflare
etag: "601d9462-8c77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 18:55:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7587ba42bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 trumphappy.jpg
secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/02/ 19 KB
19 KB 90ms
5ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/02/trumphappy.jpg?time=1612449648

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c75f0b749799d1fd726facc77135059192d137a5c4cf383e502d00252e203e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 99
x-cache: cached
x-sucuri-cache: HIT
content-length: 19043
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 14:39:51 GMT
server: nginx
date: Fri, 05 Feb 2021 20:42:38 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "4a63-5ba83ad25f6a4"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 White_House_Night.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 58 KB
58 KB 65ms
57ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/White_House_Night.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c25f05092d541c3344cb084648179134e94e3aa3f2b1a3b12c1a3863b776c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 781924
cf-polished: origSize=62169, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59224
cf-request-id: 081587c8f20000bec9210f4000000001
last-modified: Wed, 27 Jan 2021 19:16:36 GMT
server: cloudflare
etag: "6011bc14-f2d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 19:30:34 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7587ea56bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/rXS2dZEG8iw/ 11 KB
11 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/rXS2dZEG8iw/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f271315a5c031429b1ec9b37e26c8dd685096314fe220bef4a4a79399db0590e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:40:12 GMT
x-content-type-options: nosniff
server: sffe
age: 146
etag: "1612496388"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
expires: Fri, 05 Feb 2021 20:45:12 GMT

GET
H2 200 uKInBD8xxrSd_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ 35 KB
36 KB 68ms
59ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/uKInBD8xxrSd_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

5e4981d4fd90b67b9a8a5e60bc448f4076907cf7243e4291236123bf017adae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000021c9db51-00601c6b4b-43b5652-nyc3a
cdn-cachedat: 2021-02-04 22:46:51
cdn-pullzone: 89010
content-length: 36168
last-modified: Thu, 04 Feb 2021 21:36:36 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: cf014a3cb3bcb2e6c24a293234238957
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 CZtNyUO3UwrH_640x360.jpg
static-3.bitchute.com/live/cover_images/ckAsk0HlOn5w/ 40 KB
40 KB 75ms
67ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/ckAsk0HlOn5w/CZtNyUO3UwrH_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

341e1070351a4000ed0a4df0df7b89fba8b672e97a720926125848864dc69e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-05 00:40:40
cdn-pullzone: 89010
content-length: 40647
x-amz-request-id: tx000000000000021d78827-00601c85f8-43b55da-nyc3a
last-modified: Thu, 04 Feb 2021 23:32:03 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 15c47d2ece2a43c37fdce177280f462f
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 signature-brian-maher-transparent.png
media.paradigm.press/signatures/ 4 KB
4 KB 99ms
12ms Image
image/png 2600:9000:20eb:6200:10:6147:ef80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.paradigm.press/signatures/signature-brian-maher-transparent.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:10:6147:ef80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c165c794cc085351dba3d30ae0166b1a059a37cef50fe545aa56290d96cbb6a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 07:04:02 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Thu, 22 Oct 2020 17:31:40 GMT
server: AmazonS3
age: 49117
etag: "f7a2a0516364bbc2fb65f027bc581723"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3929
x-amz-cf-id: Go_NtBTRmHrYuW71AOS0xRiPU8l1ghypkyhITNYD630jq8aVI6_RXw==

GET
H2 200 KIDS4SALE.jpg
jamesredpillsamerica.com/images/ 1 MB
1 MB 80ms
71ms Image
image/jpeg 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/KIDS4SALE.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55f74fbd62d2e12800750904cba9f5b4da47182cc2704dc640652280262d537

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 331613
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1166639
cf-request-id: 081587c8f60000dfd39e0db000000001
last-modified: Mon, 01 Feb 2021 22:42:51 GMT
server: cloudflare
etag: "601883eb-11cd2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NFZ68ubT3L3H%2BMOiuQ2jbeUmVH66agaMjg8ouK6eU52vKKa4fbkG%2BRzrxVJL9nibBQ5%2B0Nr8Mp1R2%2FuLw1a%2B%2Buvoktr5DHvfPEg2JflTuTnobgTYont56up5%2FyiMMdy%2Fcdj8NZE%3D"}]}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7587fa80dfd3-FRA
expires: Wed, 02 Feb 2022 00:35:45 GMT

GET
H2 200 Pervywood.jpg
img.beforeitsnews.com/contributor/upload/724569/images/ 32 KB
32 KB 67ms
59ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/724569/images/Pervywood.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79522da1bfba3d9e473e89c22acc561990785d6c5628f3ca41dc4e7dc05fcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2234942
cf-polished: origSize=37819, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32890
cf-request-id: 081587c8f70000bec9139a0000000001
last-modified: Sat, 02 Jan 2021 14:59:50 GMT
server: cloudflare
etag: "5ff08a66-93bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7587fa59bec9-FRA
expires: Mon, 10 Jan 2022 23:53:36 GMT

GET
H2 200 JR6hpkfLM3Q0_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 90 KB
91 KB 80ms
19ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/JR6hpkfLM3Q0_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

f926e83a74c520528b57f528791861d174476117e8ae480006ae3c34530cbb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-02-04 04:19:34
cdn-pullzone: 89010
content-length: 92422
x-amz-request-id: tx0000000000000215b7427-00601b67c6-43b55da-nyc3a
last-modified: Thu, 04 Feb 2021 03:08:21 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 90b87a4bbe7b8f22f14e7b24a0e5d817
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 trumpproud-696x406.jpg
secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/02/ 28 KB
29 KB 76ms
8ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.88.172/ogs.08d.myftpupload.com/wp-content/uploads/2021/02/trumpproud-696x406.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

17933410ea9f9e1d86507448647f7d4a23601f88e68997a38cd1e8cbb084ae96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 64
x-cache: cached
x-sucuri-cache: HIT
content-length: 28936
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Feb 2021 17:01:08 GMT
server: nginx
date: Fri, 05 Feb 2021 20:42:38 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "7108-5ba99c4336ab9"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zIte2c2GEr8wQeElSUeH9TnG_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 60 KB
60 KB 95ms
26ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/zIte2c2GEr8wQeElSUeH9TnG_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

ada575bbeea74f31166efec688e8f9c31a1e4301aef318346d3681f700f72250

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000001de09938-0060138f60-43b5652-nyc3a
cdn-cachedat: 2021-01-29 05:30:25
cdn-pullzone: 89010
content-length: 61038
last-modified: Fri, 29 Jan 2021 04:22:00 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 82f5f4d9da39b0e224f3c357fcd314fe
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 OIP%20(18).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 36ms
28ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(18).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068fe17f9d43898c88ab0b2bab778b800d9ec0771547e9e73f1502621baa79f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 175820
cf-polished: origSize=13525, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12280
cf-request-id: 081587c93d0000bec92e3d4000000001
last-modified: Wed, 03 Feb 2021 19:35:12 GMT
server: cloudflare
etag: "601afaf0-34d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 19:52:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75886a7dbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ending-plague.jpg
media.mercola.com/ImageServer/public/2021/January/ 34 KB
35 KB 99ms
38ms Image
image/jpeg 104.18.13.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.mercola.com/ImageServer/public/2021/January/ending-plague.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / N/A

Resource Hash

be9f2a565ab87f8116aae70b759f704f1a258e8da5e46825f175fa91a130fc7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
x-aspnet-version: N/A
age: 487907
x-powered-by: N/A
last-modified: Thu, 28 Jan 2021 03:23:59 GMT
strict-transport-security: max-age=31536000
content-length: 35000
cf-request-id: 081587c9800000cc3a6aacd000000001
x-aspnetmvc-version: N/A
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "4e4df8425f5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
cf-polished: origSize=36976, status=webp_bigger
accept-ranges: bytes
cf-ray: 61cf7588c8f0cc3a-ZRH
expires: Fri, 12 Feb 2021 20:42:38 GMT

GET
H2 200 maxresdefault%20(3).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
28 KB 31ms
24ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/maxresdefault%20(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49807c7a2b975537a8ef4a7a5790369c7ba710e65056187143b6414830c4d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 269751
cf-polished: origSize=29930, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28721
cf-request-id: 081587c93e0000bec90e9f4000000001
last-modified: Tue, 02 Feb 2021 17:36:35 GMT
server: cloudflare
etag: "60198da3-74ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 17:46:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75886a7ebec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/Rxdxf-zHfU8/ 37 KB
37 KB 13ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Rxdxf-zHfU8/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95618d0ac377efaa3f06e4584315a42de11d69a86e1eaa00cd0ee23b642bad40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:25:57 GMT
x-content-type-options: nosniff
server: sffe
age: 1001
etag: "1611445449"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37485
x-xss-protection: 0
expires: Fri, 05 Feb 2021 22:25:57 GMT

GET
H2 200 4wcpxi.jpg
i.imgflip.com/ 42 KB
42 KB 36ms
28ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4wcpxi.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856d10b22b78d8dca542577503906fdda7c04a04a8e5f6fbfe677c02ab92810b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
age: 283958
cf-polished: origSize=43015
cf-ray: 61cf75887b2f2325-ZRH
content-length: 42564
x-amz-id-2: 8sYRF/sCl0kL7IV9USNzkc6E1RtH3KBCEph4jaXU5cEYr8zLbz9WkxF39sRPnZF8hGtibQgKdCI=
last-modified: Tue, 02 Feb 2021 13:36:32 GMT
server: cloudflare
etag: "57cae7424b3dd63e8a6c1401b8f3f7ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 7DEF98FA106B9672
access-control-allow-origin: *
expires: Mon, 03 Feb 2031 20:42:38 GMT
cache-control: public, max-age=315360000
cf-request-id: 081587c94a00002325153ac000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 A_A_A_Twenty.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 86 KB
87 KB 29ms
22ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/A_A_A_Twenty.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd2a129f29805ca234b0c8374aec9b74a9795d1a0d1c3335bf42041839e843aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5357
cf-polished: origSize=95876, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88361
cf-request-id: 081587c93e0000bec9111da000000001
last-modified: Thu, 26 Dec 2019 06:44:30 GMT
server: cloudflare
etag: "5e0456ce-17684"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 19:13:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75886a7fbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 BOMB-AWAY.gif
jamesredpillsamerica.com/images/ 14 MB
14 MB 23ms
16ms Image
image/gif 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/BOMB-AWAY.gif
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6efadce41ae376140acf28c0c20ad12dc8f1aedbb605e458bcb59ed9cf2db21e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 359569
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 14290982
cf-request-id: 081587c93d0000dfd30d856000000001
last-modified: Mon, 01 Feb 2021 04:36:40 GMT
server: cloudflare
etag: "60178558-da1026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tnpuWf7cpUSgGsYX%2FVrRp%2BLhJdBbVGs8%2F4cgLZupi%2FX8zKeRjEmwD95dA2oT1MpjuO09wUplhBW89o5aL5IRHHRTKZ%2BxA9nI6vKcCtdrCH%2FWTIQP53tVASL7aVeSmDHaS6FOa%2Fg%3D"}]}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75886b37dfd3-FRA
expires: Tue, 01 Feb 2022 16:49:49 GMT

GET
H2 200 plan.png
www.henrymakow.com/upload_images/ 438 KB
439 KB 53ms
17ms Image
image/png 2606:4700:3032::ac43:85f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.henrymakow.com/upload_images/plan.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:85f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 776e90e71bdf5486b1f0261db6974fa36031376dcabee2dead18687bfafaf9ea

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 98187
content-length: 448834
cf-request-id: 081587c95c0000dfeb5f13e000000001
last-modified: Mon, 31 Aug 2020 23:43:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=snPT%2Fk3AF19muTz7nsQXirkqyWpizF5EJQlBi5XWolMK0UaTP0PmVFHGP1QBufNR3YtaIcNFQZ7Dod9xj%2By9wzHKuvAtAgdjbIPMGxjPWqwUL4eleALxHe9eg3RzEO4%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 61cf75889a79dfeb-FRA
expires: Thu, 11 Feb 2021 17:26:10 GMT

GET
H2 200 trump-executive-order.jpg
cms.qz.com/wp-content/uploads/2017/01/ 61 KB
61 KB 185ms
96ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.qz.com/wp-content/uploads/2017/01/trump-executive-order.jpg?quality=75&strip=all&w=1600&h=900&crop=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: bda4f48aa086eae3051a505a9959cf1ae9fab829a934069bdc146547cf79cc6e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
x-rq: hhn2 109 142 443
last-modified: Sun, 31 Jan 2021 17:54:50 GMT
server: nginx
etag: "b826cdd2f79dd14d"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 61954
expires: Mon, 31 Jan 2022 17:54:50 GMT

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
568 B 64ms
64ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 167146
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
cf-request-id: 081587c8ea0000bec9111d6000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 22:16:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7587da4fbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/UznR4lHk7BQ/ 14 KB
14 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/UznR4lHk7BQ/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e6a5d4937e46087e0737105389558b6884278d96c4dd7f94c98226b5f23eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:41:18 GMT
x-content-type-options: nosniff
server: sffe
age: 80
etag: "1611022979"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14429
x-xss-protection: 0
expires: Fri, 05 Feb 2021 22:41:18 GMT

GET
H2 200 scientist_reveals_real.jpg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 64ms
64ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 165602
cf-polished: origFmt=jpeg, origSize=55516
content-disposition: inline; filename="scientist_reveals_real.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46020
cf-request-id: 081587c8ec0000bec9111d7000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-d8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 22:42:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf7587da50bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 emigrate2.jpeg
img.beforeitsnews.com/img/banner2020/ 55 KB
55 KB 22ms
20ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/emigrate2.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2236741
cf-polished: origSize=56198, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55905
cf-request-id: 081587c9480000bec930924000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-db86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75887a85bec9-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 polaraidhealth.jpeg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 24ms
22ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/polaraidhealth.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2236741
cf-polished: origSize=46655, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46365
cf-request-id: 081587c94f0000bec9198db000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-b63f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75887a8cbec9-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 BCX_Rife350x290.jpg
img.beforeitsnews.com/img/banner2020/ 36 KB
36 KB 58ms
53ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/BCX_Rife350x290.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2236738
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36512
cf-request-id: 081587c9560000bec936b12000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf75888a8ebec9-FRA
expires: Mon, 10 Jan 2022 23:23:40 GMT

GET
H2 200 tabs-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 148 B
257 B 26ms
26ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254045
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587c8160000bec9290b0000000001
last-modified: Fri, 22 Jan 2021 08:19:32 GMT
server: cloudflare
etag: W/"600a8a94-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf758689d9bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 20ms
14ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54124f8dbf5d3ac6832d4206845a4ed9daa17286d11552f8bc6fa38e15abc5ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38985
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Feb 2021 20:42:38 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 80ms
20ms Script
text/javascript 2600:9000:2190:1600:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 61d8a192bb4ef46137bb8e534d284fd33f05eee41ff88c0ea7a5cb1d40f513e4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:39:47 GMT
content-encoding: gzip
age: 171
etag: W/"1935a-tKN9hY+gMbHsv0YvaXLX1zKwwDQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: jMtSNGAy7BbEWgAh2aUo8tx4zm-dwZdwwlx-FEueRaqL-PO56Scd5A==

GET
H2 200 Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 24ms
20ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 2878745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BS7S1H3H1K4GBQ7P
x-amz-id-2: QjApP71jKYVGRAdkz9Q9P6OqBxHUujj3Ssfx891KJE0sEVGRFVTs3J5cx2ZDaBvfdzUqDnivfaM=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"93a3e7d84b15a0c8a8a9e4e6c8779aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3R09nKFA1fkBWMCXCpPvkqre3wT0snqV
cf-request-id: 081587c8370000bec9240cb000000001
cf-ray: 61cf7586b9ecbec9-FRA

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
307 B 40ms
36ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 777953
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
cf-request-id: 081587c8370000bec92eba5000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 20:36:45 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf7586b9edbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 41ms
38ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 170721
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
cf-request-id: 081587c8390000bec92eba6000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 21:17:17 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf7586b9eebec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/ 13 KB
13 KB 9ms
7ms Font
font/woff 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 02:54:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:06 GMT
server: sffe
age: 582472
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13064
x-xss-protection: 0
expires: Sun, 30 Jan 2022 02:54:46 GMT

GET
H3-Q050 200 RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 15:39:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:15:51 GMT
server: sffe
age: 190974
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9028
x-xss-protection: 0
expires: Thu, 03 Feb 2022 15:39:44 GMT

GET
H2 200 ZVcEsa5BFKM
www.youtube.com/embed/ Frame C794 0
0 125ms
100ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ZVcEsa5BFKM

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/ZVcEsa5BFKM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 23244
content-encoding: br
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
date: Fri, 05 Feb 2021 20:42:38 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=ZoqntapsDOk; path=/; domain=.youtube.com; secure; expires=Wed, 04-Aug-2021 20:42:38 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 05-Feb-2021 21:12:38 GMT YSC=95ROIwQwaUc; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=ZoqntapsDOk; path=/; domain=.youtube.com; secure; expires=Wed, 04-Aug-2021 20:42:38 GMT; httponly; samesite=None CONSENT=PENDING+748; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 797d2448-5994-43c4-8acd-7387828d4dbd
www.brighteon.com/embed/ Frame A274 0
0 550ms
441ms Document
text/html 143.204.93.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/embed/797d2448-5994-43c4-8acd-7387828d4dbd
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-118.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: www.brighteon.com
:scheme: https
:path: /embed/797d2448-5994-43c4-8acd-7387828d4dbd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 21992
date: Fri, 05 Feb 2021 20:42:38 GMT
x-amzn-requestid: 0de25448-762a-41b3-a393-66b081d4efa1
x-amzn-remapped-content-length: 21992
x-amz-apigw-id: aSgV1Fk5oAMF2rg=
etag: "55e8-51AiQWINmuBJRnjTiPJ/C1Llw64"
x-amzn-trace-id: Root=1-601dadbe-33f82bfd5151234d45d5f1c9;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OL0db_froWojizgTTcyIhlHqQsD1K1NuWFHhKKQ846mCphtGqWfTMw==

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3-Q050 200 O269cn5aS0A
www.youtube.com/embed/ Frame A6E7 0
0 133ms
112ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/O269cn5aS0A

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/O269cn5aS0A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: VISITOR_INFO1_LIVE=ZoqntapsDOk; YSC=95ROIwQwaUc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-content-type-options: nosniff
content-length: 24084
cache-control: no-cache
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type: text/html; charset=utf-8
content-encoding: br
date: Fri, 05 Feb 2021 20:42:38 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: GPS=1; path=/; domain=.youtube.com; expires=Fri, 05-Feb-2021 21:12:38 GMT CONSENT=PENDING+842; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 70ms
66ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 200254
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
cf-request-id: 081587c8e70000bec92e3d2000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf7587da4ebec9-FRA
expires: Thu, 03 Feb 2022 13:05:04 GMT

GET
H2 200 /
s.tradingview.com/embed-widget/ticker-tape/ Frame BEDE 0
0 125ms
20ms Document
text/html 13.224.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.13 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-13.zrh50.r.cloudfront.net

Software

tv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Fri, 05 Feb 2021 20:22:21 GMT
expires: Fri, 05 Feb 2021 21:22:21 GMT
cache-control: max-age=3600
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: NWJSmrR-VvuXyZd-wUX1V7HK9RXPLm05dG8S9HHunO2bs8DYC6jcWA==
age: 1217

GET
H/1.1 200
OK incr_views.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/ 8 B
635 B 553ms
169ms XHR
text/html 64.62.227.19
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/incr_views.php?id=62&_=1612557758705

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.19 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

3ba96b3a52145f792ec8b48434dd65e079100034429ab9f7889c4f0d2888ffe1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 20:42:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame 1761 239 KB
65 KB 192ms
134ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211520
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d2b8d827407d16f0c4ea40b02e663f97552c466527c69c17ae9fcc17c91f6e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 69
cf-polished: origSize=244941
last-modified: Wed, 20 Jan 2021 08:28:03 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 39FA48C8606075BF
x-amz-id-2: Kf1sLFOeDBN+Ab8GqjBz1+bJaccj/D7U5RcgKDMyXlK4Z46cfbZ49h+tnKkX7KFuwu62gEaqrFg=
cf-bgj: minify
server: cloudflare
etag: W/"9e16758cd856f9923398b7d6f884bcab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 081587c9a00000cc568596a000000001
cf-ray: 61cf7588ff85cc56-ZRH
expires: Fri, 05 Feb 2021 23:42:38 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame C663 238 KB
65 KB 150ms
95ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211520
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f926e3af6282927cbd9206122c2860cc2c7ca80f53bd52db02202dcb174ecd

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 2849
cf-polished: origSize=243558
last-modified: Wed, 20 Jan 2021 08:36:21 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B1862DFF68B6309E
x-amz-id-2: sB9ww6GKuzNeoZZxrzx0824spUU7rdoxu3yLwvg3tLQ5bSm60o5fpCyv7U4maWOp8f43e1UgKuI=
cf-bgj: minify
server: cloudflare
etag: W/"860dfbd0f8cdf79c71d833d0dfdb82d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 081587c9a00000cc5677854000000001
cf-ray: 61cf75890f89cc56-ZRH
expires: Fri, 05 Feb 2021 23:42:38 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 47ms
32ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 200239
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
cf-request-id: 081587c93d0000bec90f214000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf75886a7bbec9-FRA
expires: Thu, 03 Feb 2022 13:05:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 117ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4179c91e113b124b59e6526d4919a15be02dd45145d8deea3f92deab787f7dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47969
x-xss-protection: 0
server: cafe
etag: 13757351720466141251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Feb 2021 20:42:38 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
632 B 99ms
12ms Script
application/javascript 2606:4700:3035::ac43:8a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 71750
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4BEmzyriiTuj1%2FIzIXdbvzQgA85zw3kafhK7jmJRMuCKvNfQdtXaDPpkUJABY604dRbvQs5cCzTaDuEvh7TD48RXY1guM8ci%2BlNOsBZ0ahHbG10gPuGR"}],"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 61cf75899d302c3a-FRA
content-length: 9
cf-request-id: 081587c9fb00002c3a3f204000000001

GET
H2 200 adcode.png
rddywd.com/ 43 B
681 B 107ms
20ms Image
image/gif 2606:4700:3035::ac43:8a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 35963
content-length: 43
cf-request-id: 081587c9fd0000c2eac5bd3000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ft2MX8UU1MZp7ud1ruOYcpIrEYB9YxevVLEgnB3rEUHHpPyTb9H6f6%2BRLY0KQEPHU5Jz4PUi4K1xbrTumBeaO0G6cb4TUPRbls3LqAQFXQuxooiBwTnV"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 61cf75899f23c2ea-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 75ms
72ms Image
text/plain 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
2 KB 76ms
74ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210122.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:38 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 172447
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
cf-request-id: 081587c9a80000bec90e00b000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 20:48:31 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf75890ad7bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H/1.1 200
OK count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
619 B 471ms
195ms XHR
text/html 64.62.227.19
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.19 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

8e87f4f46327c4d9bc739a659e46de7cddbd6527f4d0fcc4f72c65386c553c3e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 05 Feb 2021 20:42:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 5f2c559be7229f0012f31c92.js Show response
buttons-config.sharethis.com/js/ 1 KB
873 B 105ms
27ms Script
text/javascript 2600:9000:2190:1200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f2c559be7229f0012f31c92.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:18 GMT
content-encoding: gzip
etag: W/"321dc6041bb0ea183e662f402b588149"
last-modified: Thu, 06 Aug 2020 20:50:47 GMT
server: AmazonS3
age: 56
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: mpeHm8L43APUSMLZUx8XUDW0iLLAB719_eY7_szKoM_vK9LoSY_SWw==

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 30ms
28ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 5846
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 081587cba90000cc569509d000000001
cf-ray: 61cf758c3f11cc56-ZRH

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 05:55:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 312459
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Wed, 02 Feb 2022 05:55:00 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4652
date: Fri, 05 Feb 2021 19:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 05 Feb 2021 21:25:07 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 12FA 0
0 86ms
12ms Document
text/html 2600:9000:2190:de00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:de00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Fri, 05 Feb 2021 19:43:54 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 5aVuANzhaptGKpZ2bVbhipcBoc5KZTeslWLf8Pxic9ICH6JUOVPFbg==
age: 3525

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 84ms
82ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1094&cols=1&pv=5&cbuster=1612557759604122677670&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=17773eeb4758964e406&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211520
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15ded582b8e5cd5bd4753668d24f05bee0fc35c62dea3f2bebf64f73b4b44eca

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61cf758daa40cc56-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587cc870000cc5671371000000001

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
882 B 82ms
80ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=334&cols=1&pv=5&cbuster=1612557759689692649517&uniqId=0eb11&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=17773eeb4c98e533e80&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211520
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c429669a649a411315ea98674b1c38f7a4ea4167a4d094c189635b74c4b90ea6

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61cf758e2b3bcc56-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587ccdb0000cc5671378000000001

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 187ms
25ms XHR
text/plain 3.124.48.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=beforeitsnews.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fbeforeitsnews.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Before%20It%27s%20News%20%7C%20People%20Powered%20News&cms=unknown&publisher=5f2c559be7229f0012f31c92&embeds_csv=https%3A%2F%2Fwww.youtube.com%2Fembed%2FZVcEsa5BFKM%2Chttps%3A%2F%2Fwww.youtube.com%2Fembed%2FO269cn5aS0A&sop=true&bsamesite=true&consent_cookie_duration=416&consent_duration=416&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Before%20It%27s%20News%C2%AE%20is%20a%20community%20of%20individuals%20who%20report%20on%20what%27s%20going%20on%20around%20them%2C%20from%20all%20around%20the%20world.%20You%20can%20join%20to%20Contribute%20News%20and%20Comments.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.48.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 20:42:39 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1543090709&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=167579433&gjid=17203622&cid=495248065.1612557760&tid=UA-16055024-1&_gid=1289037590.1612557760&_r=1&gtm=2ou1r0&z=1925908027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
695 B 116ms
106ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1612557759785593324617
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211520
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2435d7c00aeb209e451a988bc8b42a8abfbaa59808af3766a3ef12a30436c89

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 1255870e-0414-48ae-bdb8-11fb90e5d615
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61cf758eccadcc56-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587cd420000cc568b8d9000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 911E 19 B
448 B 110ms
107ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1612557759792922055046
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211520
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 91630dbc-1cb9-4c93-90be-e19da7952978
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61cf758eccaecc56-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587cd430000cc566a17d000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805484/492x277/0x164x2046x1364/ 7 KB
7 KB 60ms
56ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805484/492x277/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1612557759-mllFti1g-I5i8yuBYtDg3CPxj-B7wQUUtdr3Gjb9Y-Q
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab67b15b447ad18a142cb1cb479290fbbb78119d70dc005440b13a3dbb25e4b5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 46d5a91a-ab17-406e-86ae-9726e90a97a9
age: 7937983
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6702
cf-request-id: 081587cd4c0000cc568b8da000000001
last-modified: Mon, 05 Oct 2020 11:27:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758edcd7cc56-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp
s-img.mgid.com/g/3839411/492x277/16x0x600x400/ 9 KB
9 KB 66ms
62ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3839411/492x277/16x0x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp?v=1612557759-ZqxheV3FIKzkBGMxtWcv8NM2l_pQbrlx7Edo74mkmwo
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2acb72dd7f3b83f482b5544074ae0c1794f9f61b6d070386aa87e1cb87983f7d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 412e6809-3e7d-49a2-a477-d6cc074d24e3
age: 8009284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9154
cf-request-id: 081587cd560000cc569e276000000001
last-modified: Mon, 05 Oct 2020 11:13:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758edcdecc56-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc.webp
s-img.mgid.com/g/3944300/492x277/0x0x900x600/ 10 KB
11 KB 57ms
54ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944300/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc.webp?v=1612557759-8NDTk2PE8TAvDteFGQEoQ9FQMRe_P-u-Q3Gy5d85fSk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f621d941db372ba68b944654d10ca497ed6f2bbe036faf92297d3a2ff296d585

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 2cd84da0-248f-470a-bc9a-fbd730dc8c23
age: 8183631
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10544
cf-request-id: 081587cd4d0000cc5647034000000001
last-modified: Mon, 05 Oct 2020 11:23:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758edcd9cc56-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805584/492x277/0x164x2046x1364/ 7 KB
7 KB 58ms
56ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805584/492x277/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1612557759-cqSarMXaQH3DlraQvvKiEACjr0jAEGkuhRaCJk1rp5s
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab67b15b447ad18a142cb1cb479290fbbb78119d70dc005440b13a3dbb25e4b5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: b3bc9945-e2c6-49a9-8321-2fd25c5b338a
age: 8089776
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6702
cf-request-id: 081587cd4f0000cc5697924000000001
last-modified: Mon, 05 Oct 2020 11:24:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758edceecc56-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805484/492x277/0x164x2046x1364/ Frame C663 7 KB
7 KB 59ms
57ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805484/492x277/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1612557759-mllFti1g-I5i8yuBYtDg3CPxj-B7wQUUtdr3Gjb9Y-Q
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab67b15b447ad18a142cb1cb479290fbbb78119d70dc005440b13a3dbb25e4b5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 46d5a91a-ab17-406e-86ae-9726e90a97a9
age: 7937983
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6702
cf-request-id: 081587cd4f0000cc569a9f3000000001
last-modified: Mon, 05 Oct 2020 11:27:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758edce0cc56-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp
s-img.mgid.com/g/3839411/492x277/16x0x600x400/ Frame C663 9 KB
9 KB 57ms
55ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3839411/492x277/16x0x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp?v=1612557759-ZqxheV3FIKzkBGMxtWcv8NM2l_pQbrlx7Edo74mkmwo
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2acb72dd7f3b83f482b5544074ae0c1794f9f61b6d070386aa87e1cb87983f7d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 412e6809-3e7d-49a2-a477-d6cc074d24e3
age: 8009284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9154
cf-request-id: 081587cd4f0000cc56ac9db000000001
last-modified: Mon, 05 Oct 2020 11:13:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758edcebcc56-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc.webp
s-img.mgid.com/g/3944300/492x277/0x0x900x600/ Frame C663 10 KB
10 KB 34ms
28ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944300/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc.webp?v=1612557759-8NDTk2PE8TAvDteFGQEoQ9FQMRe_P-u-Q3Gy5d85fSk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f621d941db372ba68b944654d10ca497ed6f2bbe036faf92297d3a2ff296d585

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: 2cd84da0-248f-470a-bc9a-fbd730dc8c23
age: 8183631
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10544
cf-request-id: 081587cd8e0000cc564825f000000001
last-modified: Mon, 05 Oct 2020 11:23:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758f4dc5cc56-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805584/492x277/0x164x2046x1364/ Frame C663 7 KB
7 KB 94ms
89ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805584/492x277/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1612557759-cqSarMXaQH3DlraQvvKiEACjr0jAEGkuhRaCJk1rp5s
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab67b15b447ad18a142cb1cb479290fbbb78119d70dc005440b13a3dbb25e4b5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:39 GMT
cf-cache-status: HIT
x-mg-request-uuid: b3bc9945-e2c6-49a9-8321-2fd25c5b338a
age: 8089776
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6702
cf-request-id: 081587cd8d0000cc565530e000000001
last-modified: Mon, 05 Oct 2020 11:24:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758f4dc2cc56-ZRH

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
425 B 96ms
69ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-16055024-1&cid=495248065.1612557760&jid=167579433&gjid=17203622&_gid=1289037590.1612557760&_u=IEBAAUAAAAAAAC~&z=2017220577

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Feb 2021 20:42:39 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x328/0x0x980x653/ 24 KB
24 KB 87ms
86ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097645/492x328/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1612557759-ItamAnzHTr065SgsAzwPn-YxbBQGgrEkWneXk6a0zRA
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b92a2cb05cfef66c4ada6dc0cb92b1956ce9dfb293e8c718b74a0b0f8939e2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:40 GMT
cf-cache-status: HIT
x-mg-request-uuid: ca5cd678-e6ac-4d2f-8c89-0ac4ebaf5ffa
age: 8107431
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24582
cf-request-id: 081587cdf20000cc5675a75000000001
last-modified: Sun, 04 Oct 2020 08:22:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758fef2ecc56-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x328/0x0x980x653/ Frame 1761 24 KB
24 KB 88ms
88ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097645/492x328/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1612557759-ItamAnzHTr065SgsAzwPn-YxbBQGgrEkWneXk6a0zRA
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b92a2cb05cfef66c4ada6dc0cb92b1956ce9dfb293e8c718b74a0b0f8939e2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:40 GMT
cf-cache-status: HIT
x-mg-request-uuid: ca5cd678-e6ac-4d2f-8c89-0ac4ebaf5ffa
age: 8107432
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24582
cf-request-id: 081587cdf30000cc56bb8db000000001
last-modified: Sun, 04 Oct 2020 08:22:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf758fef33cc56-ZRH

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
261 B 81ms
80ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=495248065.1612557760&jid=167579433&_u=IEBAAUAAAAAAAC~&z=1070692749

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 111ms
28ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=495248065.1612557760&jid=167579433&_u=IEBAAUAAAAAAAC~&z=1070692749

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame F98E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

196ms
93ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1612557759785593324617
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Feb 2021 20:42:40 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Fri, 05 Feb 2021 20:42:40 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 273ms
156ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l15DlatCmjGc
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61cf7590be7f23df-ZRH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 081587ce75000023df35386000000001

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDE1RGxhdENtakdj&muidn=l15DlatCmjGc
https://cm.mgid.com/google?muidn=l15DlatCmjGc&google_ula={guid},5&google_gid=CAESEI8PNbEcLSBjMMnmEK-aziQ&google_cver=1

0
200 B

98ms
94ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l15DlatCmjGc&google_ula={guid},5&google_gid=CAESEI8PNbEcLSBjMMnmEK-aziQ&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61cf75912a99cc56-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587ceb60000cc5655aa2000000001

Redirect headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l15DlatCmjGc&google_ula={guid},5&google_gid=CAESEI8PNbEcLSBjMMnmEK-aziQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
623 B 184ms
80ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l15DlatCmjGc
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61cf7590a99acc3e-ZRH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587ce670000cc3ead9e6000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=zLX31945Wgo112QNaRyT&pi=mgid&tc=1

43 B
235 B

105ms
100ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=zLX31945Wgo112QNaRyT&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b5754500-e405-4d29-b5f6-761469f1fd3a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61cf7591cc34cc56-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587cf210000cc5654a4d000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=zLX31945Wgo112QNaRyT&pi=mgid&tc=1
pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT, Fri, 05 Feb 2021 20:42:40 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

6828c612-c085-432b-8f5f-d88acdca56a1
sync.1rx.io/usersync/bidswitch/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l15DlatCmjGc
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l15DlatCmjGc
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/6828c612-c085-432b-8f5f-d88acdca56a1?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/6828c612-c085-432b-8f5f-d88acdca56a1?gdpr=&gdpr_consent=

0
187 B

201ms
44ms

Image
text/plain

213.19.147.151
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/bidswitch/6828c612-c085-432b-8f5f-d88acdca56a1?gdpr=&gdpr_consent=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.147.151 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Feb 2021 20:42:40 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Tengine
Connection: keep-alive
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 05 Feb 2021 20:42:40 GMT
Server: Tengine
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.1rx.io/usersync/bidswitch/6828c612-c085-432b-8f5f-d88acdca56a1?gdpr=&gdpr_consent=
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=6828c612-c085-432b-8f5f-d88acdca56a1
https://x.bidswitch.net/sync?dsp_id=340&user_id=e35c206f-ef0b-4024-a6d6-cf9abb63a97e&expires=10&ssp=mgid&bsw_param=6828c612-c085-432b-8f5f-d88acdca56a1
https://cm.mgid.com/m?cdsp=433145&c=6828c612-c085-432b-8f5f-d88acdca56a1&gdpr=&gdpr_consent=&us_privacy=

43 B
243 B

80ms
80ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=6828c612-c085-432b-8f5f-d88acdca56a1&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 44367770-9995-47ea-bd93-ac1751628242
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61cf75934ff8cc56-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587d00f0000cc5695b68000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=6828c612-c085-432b-8f5f-d88acdca56a1&gdpr=&gdpr_consent=&us_privacy=
date: Fri, 05 Feb 2021 20:42:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=e5a721f7-f768-43e3-9f75-400b135cf437&ttl=1615149760

43 B
227 B

91ms
90ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=e5a721f7-f768-43e3-9f75-400b135cf437&ttl=1615149760
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3be911b5-dcdb-4922-bf33-4590f52da637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61cf75926e45cc56-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587cf890000cc56aca25000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=e5a721f7-f768-43e3-9f75-400b135cf437&ttl=1615149760
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 jsDynamic-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 40ms
38ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33935025719f5668bfab105458c9ce15c77fc676813cf0bb7ddc29a2c59c3df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254047
cf-polished: origSize=6552
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587d2700000bec90f27e000000001
last-modified: Fri, 22 Jan 2021 08:19:31 GMT
server: cloudflare
etag: W/"600a8a93-1998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf75971b9ebec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 responsive-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
789 B 33ms
31ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254047
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587d2710000bec92e82b000000001
last-modified: Fri, 22 Jan 2021 08:19:32 GMT
server: cloudflare
etag: W/"600a8a94-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf75971ba0bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 validate-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 27ms
26ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254047
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587d2710000bec90e07d000000001
last-modified: Fri, 22 Jan 2021 08:19:33 GMT
server: cloudflare
etag: W/"600a8a95-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf75971ba1bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 loadmore-bin-rev-20210122.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
2 KB 55ms
54ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20210122.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1254047
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587d2720000bec913a0d000000001
last-modified: Fri, 22 Jan 2021 08:19:31 GMT
server: cloudflare
etag: W/"600a8a93-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 61cf75971ba2bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 29 Jan 2021 08:21:54 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 54ms
16ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

99f3feb342c97fc25d6133f7557b813bb02c63a320fa496c30173c4a8b2d2182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1872
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 112ms
26ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210122.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 19:30:08 GMT
server: nginx
etag: W/"5364-1612294208683"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

GET
H/1.1 200
OK get_banners_direct.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/ 2 KB
1 KB 170ms
170ms XHR
text/html 64.62.227.19
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/get_banners_direct.php?type=on_regular_page&_=1612557761190

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.19 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

b56ddc51ee4e840a4823d418157810152a00af69643a55e396c479988520b860

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 20:42:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 28ms
12ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1911
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 61cf7597883e4abc-FRA
cf-request-id: 081587d2b800004abc39284000000001
expires: Sat, 06 Feb 2021 08:42:41 GMT

GET
H/1.1 200
OK get_items_to_show.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 59 KB
6 KB 169ms
169ms XHR
text/html 64.62.227.19
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1612557761191

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.19 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

14c6de3c0f57b636d0783e6ac0d8c34d2d59b362a6f7d1f944469304753d4445

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 20:42:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 get-most-recent-stories-list.php Show response
beforeitsnews.com/v3/recent/ 19 KB
4 KB 681ms
681ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1612557761191

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c5f23ae708f4432112a507aa0d84d2240b7be5116723896eed37ad26f5ad29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 081587d2a90000bec921889000000001
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
cf-ray: 61cf75977bcbbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 26ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 05 Feb 2021 21:28:57 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 823
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 05 Feb 2021 21:28:58 GMT

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20201130_00/e/js/element/ 243 KB
87 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7997
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88693
x-xss-protection: 0
last-modified: Mon, 30 Nov 2020 10:52:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 18:29:24 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 15:59:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 16980
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Sat, 05 Feb 2022 15:59:41 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame DF00 18 KB
4 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 05 Feb 2021 21:28:57 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
914 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 58623
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:38 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
216 B 45ms
44ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 20:42:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e7428f37b6213f586e10a3720436e49ae57ad5ba.jpeg
beforeitsnews.com/img/i2021/02/ 10 KB
10 KB 27ms
26ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/e7428f37b6213f586e10a3720436e49ae57ad5ba.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158792ee2ceddbd39a88be4f203fbd64ecbb9b7dc70bc095628d70a38734e342

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 402073
cf-polished: origSize=11479, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10311
cf-request-id: 081587d3590000bec93c967000000001
last-modified: Sun, 15 Sep 2019 03:47:19 GMT
server: cloudflare
etag: "5d7db447-2cd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 05:01:28 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf75988c3bbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 7c12fca16684f6b552015364521bee48ccf7dba6.jpg
beforeitsnews.com/img/i2021/02/ 25 KB
25 KB 24ms
23ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/7c12fca16684f6b552015364521bee48ccf7dba6.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4f91ad2c98bcb9bf8228cb1787908c54662706065424e6da496ff3e7c32f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 402146
cf-polished: origSize=54651, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25534
cf-request-id: 081587d35a0000bec9273e9000000001
last-modified: Fri, 22 Jan 2021 17:50:29 GMT
server: cloudflare
etag: "600b1065-d57b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 05:00:14 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf75988c3dbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 1ec95820f8199cdf58a3c603f7423f4a24946d17.jpeg
beforeitsnews.com/img/i2021/02/ 12 KB
12 KB 30ms
29ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/1ec95820f8199cdf58a3c603f7423f4a24946d17.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5310bb09e1f0d935618f7fa8dc6eb30fd8554b712079f195f3ee72247955e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 402146
cf-polished: origSize=13147, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11929
cf-request-id: 081587d35c0000bec9360a0000000001
last-modified: Wed, 27 Mar 2019 23:48:35 GMT
server: cloudflare
etag: "5c9c0bd3-335b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 05:00:14 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf75988c3ebec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame BEBB 3 KB
1 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aQv9WW9W4TtIzuTe/0opbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-aQv9WW9W4TtIzuTe/0opbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Fri, 05 Feb 2021 20:42:41 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 10864438442185062
lockerdome.com/lad/ Frame 88BD 0
0 533ms
136ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 05 Feb 2021 20:42:41 GMT

GET
H/1.1 200
OK 10864440455450982
lockerdome.com/lad/ Frame 28DE 0
0 542ms
136ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 05 Feb 2021 20:42:41 GMT

GET
H3-Q050 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 7ms
6ms Image
image/gif 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:21:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 127282
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Fri, 04 Feb 2022 09:21:19 GMT

GET
H2 200 Happy-Sunday.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 45 KB
45 KB 28ms
27ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Happy-Sunday.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce9dac4d65255594816786dd6a3b810bfe4795a5e1780e9f74fb5637d0bf8e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 347882
cf-polished: origSize=46170, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45636
cf-request-id: 081587d5560000bec90f298000000001
last-modified: Thu, 21 Jan 2021 16:49:28 GMT
server: cloudflare
etag: "6009b098-b45a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 20:04:39 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61cf759bbdb2bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 image.png
lh3.googleusercontent.com/-z0IP6Lp5bsk/YB2qpxbeakI/AAAAAAAAdNI/IaQzhJchtcQqyNFAdOCMvRX_0Gn4uO47ACLcBGAsYHQ/ 267 KB
267 KB 118ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-z0IP6Lp5bsk/YB2qpxbeakI/AAAAAAAAdNI/IaQzhJchtcQqyNFAdOCMvRX_0Gn4uO47ACLcBGAsYHQ/image.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d78b51e177a71a98987225594e0074e9ce17c1919f16e489f6e93ea6dc8add29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:32:36 GMT
x-content-type-options: nosniff
age: 605
content-disposition: inline;filename="image.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 273102
x-xss-protection: 0
server: fife
etag: "v74d3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Feb 2021 20:32:36 GMT

GET
H2 200 Instant%C3%A2neo%201%20(05-02-2021%2016-43).png
beforeitsnews.com/contributor/upload/238306/images/ 93 KB
94 KB 32ms
24ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/238306/images/Instant%C3%A2neo%201%20(05-02-2021%2016-43).png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60183d47088364f29f11121142e24ebabfb3325a3b7cefcd8f96c6321bf2fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1050
cf-polished: origFmt=png, origSize=148128
content-disposition: inline; filename="Instant%C3%A2neo%201%20(05-02-2021%2016-43).webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95616
cf-request-id: 081587d55e0000bec92e067000000001
last-modified: Fri, 05 Feb 2021 20:21:45 GMT
server: cloudflare
etag: "601da8d9-242a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 20:25:11 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf759bcdb9bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 502 Klobuchar.jpg
www.freedomworks.org/system/files/styles/large/s3/field/image/ 0
0 607ms
452ms Image
text/html 2620:12a:8001::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedomworks.org/system/files/styles/large/s3/field/image/Klobuchar.jpg?itok=s27EcJcQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/BP2LqZ65M5M/ 17 KB
17 KB 14ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BP2LqZ65M5M/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5f4eda1ed506f78c62e4d2a22bd62aee2eb0de40f42e907ee7c08044e50d0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:41:07 GMT
x-content-type-options: nosniff
server: sffe
age: 94
etag: "1612527576"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17203
x-xss-protection: 0
expires: Fri, 05 Feb 2021 20:46:07 GMT

GET
H2 200 01525A5F-8C6E-4981-B34C-B86215283E62.jpeg
beforeitsnews.com/contributor/upload/740217/images/ 74 KB
75 KB 107ms
100ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/740217/images/01525A5F-8C6E-4981-B34C-B86215283E62.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43712b28e81ab0f52e44b1e5744716043266d09c3dcd3037b581cdc7e3a827a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1960
cf-polished: origSize=86734, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76216
cf-request-id: 081587d55e0000bec911284000000001
last-modified: Fri, 05 Feb 2021 20:08:10 GMT
server: cloudflare
etag: "601da5aa-152ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 20:10:01 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf759bcdbabec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Child_cash_family_credit.jpg
www.catholicnewsagency.com/images/ 17 KB
18 KB 127ms
14ms Image
image/jpg 2606:4700:3036::6815:3aa9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/Child_cash_family_credit.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3aa9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15
Resource Hash: e77a15a69bd1b3e4089725d5b500511a96deecf34e2e5ff84cc34a445c292819

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1966
x-powered-by: PHP/7.4.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RdS1%2BBxJZ8JtAv0oYikKU%2BqHlFiJvlzlS%2BpZiz32DR3OBNlv7fKcOJxaCYTmd4fsB1EpqT0jn7hjv9pnrvcBeA9vA7Qt%2B5pEif0TAYcKWKFcOzEyZB9gqXTmCvX6Qvlj7832uhvMKA%3D%3D"}],"group":"cf-nel"}
content-type: image/jpg
cache-control: max-age=16070400
cf-ray: 61cf759c79c81f29-FRA
cf-request-id: 081587d5c700001f291e23e000000001
expires: Sun, 07 Mar 2021 20:09:55 GMT

GET
H2 200 6a00e54eeb143188340278801317dd200d-120wi
selwynduke.typepad.com/.a/ 3 KB
3 KB 711ms
598ms Image
image/jpeg 104.18.138.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://selwynduke.typepad.com/.a/6a00e54eeb143188340278801317dd200d-120wi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.138.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ef0043a9da729113e5c065532316c0aa3551618ad18583cc602002bfeafff5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
via: 1.1 varnish
cf-cache-status: DYNAMIC
age: 2093
cf-ray: 61cf759c8fadcc36-ZRH
content-disposition: inline; filename=6a00e54eeb143188340278801317dd200d-120wi.jpg
content-length: 2968
cf-request-id: 081587d5d50000cc366910e000000001
x-webserver: oak-tp-web067
last-modified: Fri, 05 Feb 2021 20:07:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cookie
x-varnish: 424842305 424455122
cache-control: s-maxage=14400
x-phapp: oak-tp-web067
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 Biden-NRA-ILA-600x338.jpg
www.ammoland.com/wp-content/uploads/2020/10/ 36 KB
37 KB 133ms
21ms Image
image/jpeg 2606:4700:10::6816:1a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ammoland.com/wp-content/uploads/2020/10/Biden-NRA-ILA-600x338.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09cea9c101a38a864f38f2de0ea59ac42371af7b662c17f45bf5911d7fcdcf5f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
cf-cache-status: HIT
age: 178
content-length: 37346
cf-request-id: 081587d5c800001f29650ae000000001
last-modified: Wed, 07 Oct 2020 16:36:13 GMT
server: cloudflare
etag: "5f7dee7d-91e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf759c79c61f29-FRA
cf-bgj: h2pri

GET
H2 200 laughing_zps3b740454.gif
www.thepiratescove.us/wp-content/uploads/2019/07/ 883 KB
889 KB 411ms
122ms Image
image/gif 205.196.223.136
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepiratescove.us/wp-content/uploads/2019/07/laughing_zps3b740454.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.196.223.136 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e61f5c6cb30eb1216831a24d61cfb38b88fca37d0abe738ccbc2b773920d8e22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jul 2019 15:10:02 GMT
server: Apache
etag: "dcc69-58cf07d21f4a6"
vary: User-Agent
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 904297
expires: Sat, 05 Feb 2022 20:42:42 GMT

GET
H2 200 181102140227-02-michael-lindell-trump.jpg
cdn.cnn.com/cnnnext/dam/assets/ 275 KB
275 KB 103ms
6ms Image
image/jpeg 2a02:26f0:7100:2af::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cnn.com/cnnnext/dam/assets/181102140227-02-michael-lindell-trump.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:2af::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 6bfeaffa62bfab842f2a11cada4cf1a85f4b377af5f57480dd3fa99f5d132250

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
server: Apache-Coyote/1.1
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 281213
expires: Fri, 05 Feb 2021 21:42:41 GMT

GET
H2 200 Church_pews_Credit_Goran_Bogicevic_Shutterstock_CNA_1.jpg
www.catholicnewsagency.com/images/ 21 KB
22 KB 76ms
13ms Image
image/jpg 2606:4700:3036::6815:3aa9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/Church_pews_Credit_Goran_Bogicevic_Shutterstock_CNA_1.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3aa9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15
Resource Hash: 4f52be0dcffcd1b1b8f2854d283ffac1eae230f87bd738bc61d3e0bcdadd23cb

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2682
x-powered-by: PHP/7.4.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zuWwyucSOJ9O02L9sJ3lxEl1%2Bk6OafCpdro%2BOmrqJwzzgTE2TYq9IxmQcQVuOq0WBRo9PuCnk9MeNiyidScAFqnx%2BRwTRp%2FSihSzCbFuJI3NyNiF9A6YW4wCyDXHmoRjj%2FkbPSKrkQ%3D%3D"}],"group":"cf-nel"}
content-type: image/jpg
cache-control: max-age=16070400
cf-ray: 61cf759c79ce1f29-FRA
cf-request-id: 081587d5c900001f295a097000000001
expires: Sun, 07 Mar 2021 19:57:59 GMT

GET
H2 200 c77844c8-433a-4205-8b01-ad7bfa663941%20(1).jpg
beforeitsnews.com/contributor/upload/724569/images/ 34 KB
34 KB 26ms
25ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/c77844c8-433a-4205-8b01-ad7bfa663941%20(1).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e22571ee82c8722c1a63e242a24410974e45c7ea4e519d11a697730c5503bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3162
cf-polished: origSize=43198, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34906
cf-request-id: 081587d5ca0000bec911287000000001
last-modified: Tue, 05 Jan 2021 00:58:58 GMT
server: cloudflare
etag: "5ff3b9d2-a8be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 19:50:00 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf759c7dfebec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 AB3234-Picture-300x200.jpg
www.wklaw.com/wp-content/uploads/2021/02/ 15 KB
15 KB 77ms
36ms Image
image/jpeg 2606:4700:3032::ac43:bbd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wklaw.com/wp-content/uploads/2021/02/AB3234-Picture-300x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bbd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4d251f5084875621c1125b049d340d96821ddc2bfc94bb1a905fe472b49f2f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3434
content-length: 15129
cf-request-id: 081587d5f3000005f18329b000000001
last-modified: Fri, 05 Feb 2021 19:28:18 GMT
server: cloudflare
etag: "601d9c52-3b19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qPoe9waK9s%2B%2FO0Pr4ZU7Ero15yu9WD8%2FZZT3ZNN2AUm%2Fo%2BnWsKtxhJHE3C9eZjS%2Bp5azVz2fRm8N8UkrPwhTkXoQlQ4mz6WcaTeCrJLTTAsJeOCXOGRa7KXA"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf759cb8ea05f1-FRA

GET
H2 200 2122.png
s.w.org/images/core/emoji/11.2.0/72x72/ 613 B
706 B 87ms
63ms Image
image/png 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/11.2.0/72x72/2122.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

d6e25238d199a625a8cfbb8412fc0b06900eb39c5dd76c41021b540b3e5060e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 05 Feb 2021 20:42:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 15:22:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 613
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8e75e7e3-ad25-4132-b185-87972f6adc9e-1.jpg
beforeitsnews.com/contributor/upload/724569/images/ 47 KB
47 KB 81ms
63ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/8e75e7e3-ad25-4132-b185-87972f6adc9e-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28e52d976c97e7e195c869d0a3b8c502429ed84dd0c18f7bb7a932f3fcdf7f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3751
cf-polished: origSize=53307, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47811
cf-request-id: 081587d5f00000bec90f29e000000001
last-modified: Sat, 15 Aug 2020 08:05:22 GMT
server: cloudflare
etag: "5f379742-d03b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 19:40:11 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf759cbe21bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 FBI-NICS-600x398.jpg
www.ammoland.com/wp-content/uploads/2018/06/ 27 KB
27 KB 68ms
50ms Image
image/jpeg 2606:4700:10::6816:1a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ammoland.com/wp-content/uploads/2018/06/FBI-NICS-600x398.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315754f7bf545dc2147e26f224e0618b150afd39bc7f036ef4d21d8df30cf8aa

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
cf-cache-status: HIT
age: 4105
content-length: 27751
cf-request-id: 081587d5f000001f295502a000000001
last-modified: Sun, 02 Dec 2018 03:23:58 GMT
server: cloudflare
etag: "5c03504e-6c67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf759cba481f29-FRA
cf-bgj: h2pri

GET
H3-Q050 200 image.png
lh3.googleusercontent.com/-GhjjVg8aR-0/YBmKS6ovjZI/AAAAAAAAqdo/gJWbl1uiW1ciVVGo10Sh0oBOboNnNcrpQCLcBGAsYHQ/ 49 KB
50 KB 90ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-GhjjVg8aR-0/YBmKS6ovjZI/AAAAAAAAqdo/gJWbl1uiW1ciVVGo10Sh0oBOboNnNcrpQCLcBGAsYHQ/image.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

17c43034f5923b2a4cfc47dd101a3009b230bb986a1aa8b9fdc7dd6f3706baad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 19:34:07 GMT
x-content-type-options: nosniff
age: 4115
content-disposition: inline;filename="image.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50398
x-xss-protection: 0
server: fife
etag: "va9db"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 03 Feb 2021 23:23:11 GMT

GET
H2 200 stellar-quenching-graph-credit-Anshu-Gupta-400x312-1.png
www.universetoday.com/wp-content/uploads/2021/02/ 19 KB
20 KB 94ms
13ms Image
image/png 2606:4700:e4::ac40:a51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.universetoday.com/wp-content/uploads/2021/02/stellar-quenching-graph-credit-Anshu-Gupta-400x312-1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a51e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 409279e995a6a7b6f4310ad7ea104af64a92365956265c8d3bab3a4406480634

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4845
content-length: 19720
cf-request-id: 081587d63a00001f399f010000000001
last-modified: Fri, 05 Feb 2021 18:06:27 GMT
server: cloudflare
etag: "601d8923-4d08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xm%2BC4XsVbF5Lg87JwHmiNomd2DUkId%2FABQ%2BnaXBgZZcH44R00YsK4ehxWZzp4KIUlET810HS1f33FozgCAV9s9T6msJ0A5RGFDwf0YEeLVoDsy6JZNEOyCdmNequ0V%2FPNCU%3D"}]}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 61cf759d2ea71f39-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e3924-talmud-hate-and-racism.jpg
beforeitsnews.com/contributor/upload/724569/images/ 28 KB
28 KB 70ms
61ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/e3924-talmud-hate-and-racism.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

263a3cde85e4b2d1566d5c53a8dbed5e2f40964ab8650bd3a32eb4a5b96d90c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4364
cf-polished: origSize=36501, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28621
cf-request-id: 081587d5f20000bec93c984000000001
last-modified: Fri, 20 Nov 2020 00:34:39 GMT
server: cloudflare
etag: "5fb70f1f-8e95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 19:29:58 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf759cbe24bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 A_Belgrade.jpg
beforeitsnews.com/contributor/upload/461640/images/ 35 KB
36 KB 68ms
65ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/461640/images/A_Belgrade.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe297644c3b39cb2184ab006d06b601f83e155eacb5616e44d6aa79fdd8d115

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4364
cf-polished: origSize=37734, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36204
cf-request-id: 081587d5f20000bec924149000000001
last-modified: Fri, 05 Feb 2021 19:20:56 GMT
server: cloudflare
etag: "601d9a98-9366"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 19:29:58 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf759cbe27bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 403 Escamol-750x563.jpg
www.odditycentral.com/wp-content/uploads/2021/02/ 0
0 129ms
46ms Image
text/html 2606:4700:20::681a:7d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.odditycentral.com/wp-content/uploads/2021/02/Escamol-750x563.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 Browning-Maxus-II-Rifled-Deer-Shotgun-600x328.jpg
www.ammoland.com/wp-content/uploads/2021/02/ 13 KB
14 KB 63ms
60ms Image
image/jpeg 2606:4700:10::6816:1a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ammoland.com/wp-content/uploads/2021/02/Browning-Maxus-II-Rifled-Deer-Shotgun-600x328.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aed3952b9dab7c1ab8e3e840e30abe4343d743865118f7ee912894958383420b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
cf-cache-status: HIT
age: 4161
content-length: 13811
cf-request-id: 081587d5f300001f2970135000000001
last-modified: Fri, 05 Feb 2021 19:16:02 GMT
server: cloudflare
etag: "601d9972-35f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 61cf759cba4c1f29-FRA
cf-bgj: h2pri

GET
H2 200 rothschild.jpg
beforeitsnews.com/contributor/upload/724569/images/ 56 KB
56 KB 66ms
57ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/rothschild.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4ce31570cfb6e868c464bcd6d585472931a0a067e286a0dfd5240d49726e243

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4959
cf-polished: origSize=63493, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56881
cf-request-id: 081587d63a0000bec92414c000000001
last-modified: Sat, 21 Nov 2020 13:13:31 GMT
server: cloudflare
etag: "5fb9127b-f805"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 19:20:03 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf759d2e67bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 A_Macron1.jpg
beforeitsnews.com/contributor/upload/428376/images/ 21 KB
21 KB 67ms
59ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/428376/images/A_Macron1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00e9d3fae2ef398dce4da6dda909547d3c30ad9f7cefbac8b003fcb8a1c53b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4959
cf-polished: origSize=23151, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21725
cf-request-id: 081587d63b0000bec92915d000000001
last-modified: Fri, 05 Feb 2021 14:12:34 GMT
server: cloudflare
etag: "601d5252-5a6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 19:20:03 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf759d2e69bec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Screen-Shot-2021-02-05-at-2.07.53-PM-800x491.png
gellerreport.com/wp-content/uploads/2021/02/ 242 KB
242 KB 111ms
23ms Image
image/png 192.124.249.17
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gellerreport.com/wp-content/uploads/2021/02/Screen-Shot-2021-02-05-at-2.07.53-PM-800x491.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.17 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ae662a5d4fa71f2da72415c617438aab4abdcd500206ecb24bdd68d8bfd28c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 19:08:03 GMT
server: nginx
etag: "601d9793-3c63c"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 247356
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FWC.jpg
beforeitsnews.com/contributor/upload/712250/images/ 3 KB
4 KB 60ms
56ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/712250/images/FWC.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

784b7cd6706f0462d02686fbff7d0bd791a007a836e9137ad41296fed690700f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 20:42:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5258
cf-polished: origSize=3543, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3463
cf-request-id: 081587d63b0000bec90ea8a000000001
last-modified: Fri, 05 Feb 2021 19:04:54 GMT
server: cloudflare
etag: "601d96d6-dd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 05 Feb 2022 19:15:04 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 61cf759d2e6bbec9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 /
external-content.duckduckgo.com/iu/ 42 KB
42 KB 156ms
66ms Image
image/jpeg 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2F1.bp.blogspot.com%2F-G-QBiA1umYQ%2FWVqUniA0qFI%2FAAAAAAAABbc%2FJ4EiLCzHan84b2T5Rg_cDITnpWeZjlLDQCLcBGAs%2Fs400%2F11218904_972986176098152_5892505795829196655_n.jpg&f=1&nofb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2731c227ecf0de9c577aa21af8512d9a981c2a0ca92998a01a55f7825a8a6382

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-duckduckgo-locale: en_US
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Fri, 05 Feb 2021 20:42:42 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
expires: Sat, 05 Feb 2022 20:42:42 GMT

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1970-01-19 15:56:06	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyBeFqFaUhV27
.rubiconproject.com/	1970-01-20 00:41:33	Name: audit Value: 1\|Ip65sGuai5dvrk72n9qi8FU7nviDbc8ZcGBk0qp6VOp6eP0zD2PV8A+zze4GQZ1QvvuCb06zZ7ZBK03vAHceED2OF0LeunGyYPDxny9O7hOms9zJf0uANdAPlTu0R9RN
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s1
.rubiconproject.com/	1970-01-20 00:41:33	Name: khaos Value: KKSR97EX-1Y-3WW4
.beforeitsnews.com/	1970-01-19 16:39:09	Name: __cfduid Value: daa9a6bfd391c92d70ed4c2568438ea6c1612557761

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://beforeitsnews.com/(Line 490) Message: [Web Cached] Loaded time: 0.00235s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	info	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210122.js(Line 39) Message: adsVideosRotating: id62 views: 9,278.7k
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211520(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211520(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.beforeitsnews.com
amg-news.com
ams.creativecdn.com
beforeitsnews.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.cnn.com
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.smadex.com
cms.qz.com
creativecdn.com
eus.rubiconproject.com
external-content.duckduckgo.com
fonts.googleapis.com
fonts.gstatic.com
gellerreport.com
i.imgflip.com
i.ytimg.com
img.beforeitsnews.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
l.sharethis.com
lh3.googleusercontent.com
lockerdome.com
match.adsrvr.org
media.mercola.com
media.paradigm.press
pagead2.googlesyndication.com
platform-api.sharethis.com
rddywd.com
s-img.mgid.com
s.tradingview.com
s.w.org
s3.amazonaws.com
s3.tradingview.com
secure-assets.rubiconproject.com
secureservercdn.net
selwynduke.typepad.com
servicer.mgid.com
sonsoflibertymedia.com
static-3.bitchute.com
stats.g.doubleclick.net
sync.1rx.io
translate.google.com
translate.googleapis.com
usermatch.targeting.unrulymedia.com
video.brighteon.com
www.ammoland.com
www.brighteon.com
www.catholicnewsagency.com
www.freedomworks.org
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.henrymakow.com
www.odditycentral.com
www.thepiratescove.us
www.universetoday.com
www.wklaw.com
www.youtube.com
x.bidswitch.net
104.154.142.214
104.16.221.74
104.18.13.238
104.18.138.190
104.18.64.15
104.19.136.78
104.19.217.61
13.224.102.111
13.224.102.13
13.225.78.65
142.250.185.130
143.204.93.118
151.139.242.29
18.195.193.185
185.184.8.30
185.59.220.194
192.0.66.2
192.0.77.48
192.124.249.17
205.196.223.136
213.19.147.151
23.37.42.132
23.79.143.124
2600:9000:20eb:6200:10:6147:ef80:93a1
2600:9000:2190:1200:c:abe:f440:93a1
2600:9000:2190:1600:1c:8a07:5e80:93a1
2600:9000:2190:de00:c:a9b7:ddc0:93a1
2606:4700:10::6816:1a64
2606:4700:10::ac43:e6e
2606:4700:20::681a:1be
2606:4700:20::681a:7d5
2606:4700:3031::ac43:a025
2606:4700:3032::ac43:85f3
2606:4700:3032::ac43:bbd0
2606:4700:3035::ac43:8a23
2606:4700:3036::6815:3aa9
2606:4700::6811:a64e
2606:4700::6812:e134
2606:4700:e4::ac40:a51e
2620:12a:8001::3
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c00::9a
2a02:26f0:7100:2af::3134
2a02:fe80:1010::16
3.124.48.224
40.114.178.124
52.209.120.242
52.217.76.246
64.62.227.19
89.40.36.137
00e9d3fae2ef398dce4da6dda909547d3c30ad9f7cefbac8b003fcb8a1c53b29
015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123
0277746a76979bf685e56ab2b5f8e3be9f087efa9fa91bf09a1674e0a94a01ff
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
068fe17f9d43898c88ab0b2bab778b800d9ec0771547e9e73f1502621baa79f1
06f926e3af6282927cbd9206122c2860cc2c7ca80f53bd52db02202dcb174ecd
09cea9c101a38a864f38f2de0ea59ac42371af7b662c17f45bf5911d7fcdcf5f
0c75f0b749799d1fd726facc77135059192d137a5c4cf383e502d00252e203e1
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
12b92a2cb05cfef66c4ada6dc0cb92b1956ce9dfb293e8c718b74a0b0f8939e2
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
14c40e5263a8f53508009bd01fcf1d49ad9b1c37721bfa0c58ac95fa77214c96
14c6de3c0f57b636d0783e6ac0d8c34d2d59b362a6f7d1f944469304753d4445
1560925b7d4f6a008e0c975ae68e14b58311a7ab03f2c09da2487cf8e8d27aca
158792ee2ceddbd39a88be4f203fbd64ecbb9b7dc70bc095628d70a38734e342
15ded582b8e5cd5bd4753668d24f05bee0fc35c62dea3f2bebf64f73b4b44eca
16ef0043a9da729113e5c065532316c0aa3551618ad18583cc602002bfeafff5
17933410ea9f9e1d86507448647f7d4a23601f88e68997a38cd1e8cbb084ae96
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
17c43034f5923b2a4cfc47dd101a3009b230bb986a1aa8b9fdc7dd6f3706baad
18a3c7894e521fa5497ddcf946aad178a7e06bc7640b044289c69daceeb47147
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
19e22571ee82c8722c1a63e242a24410974e45c7ea4e519d11a697730c5503bb
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
263a3cde85e4b2d1566d5c53a8dbed5e2f40964ab8650bd3a32eb4a5b96d90c5
2731c227ecf0de9c577aa21af8512d9a981c2a0ca92998a01a55f7825a8a6382
27ee7ecb55d2cbc041bc7460df78fcc5480137b8faeb9a9db26440ee7bbd556b
28e52d976c97e7e195c869d0a3b8c502429ed84dd0c18f7bb7a932f3fcdf7f1b
2acb72dd7f3b83f482b5544074ae0c1794f9f61b6d070386aa87e1cb87983f7d
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
315754f7bf545dc2147e26f224e0618b150afd39bc7f036ef4d21d8df30cf8aa
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33935025719f5668bfab105458c9ce15c77fc676813cf0bb7ddc29a2c59c3df3
341e1070351a4000ed0a4df0df7b89fba8b672e97a720926125848864dc69e4f
351510c7652e68eb4eb0ea1c2c8567cc2ca78f0d709c90496e35ecaaae9ae480
3ba96b3a52145f792ec8b48434dd65e079100034429ab9f7889c4f0d2888ffe1
3c0cc553c498ff457fbbb9f60d9a8373363066c775f33b8210391bfd5609688f
409279e995a6a7b6f4310ad7ea104af64a92365956265c8d3bab3a4406480634
41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10
4179c91e113b124b59e6526d4919a15be02dd45145d8deea3f92deab787f7dfd
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
43712b28e81ab0f52e44b1e5744716043266d09c3dcd3037b581cdc7e3a827a5
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
43f28454fffdac3d5c82791d1a3e2ee69071bd6a200e6248af9fb6dd90a1c869
44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635
46f5b070b526e1352ce3a34be80ac2e21fb626d7d2ed742ae583537197782abb
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
4b4f91ad2c98bcb9bf8228cb1787908c54662706065424e6da496ff3e7c32f92
4f52be0dcffcd1b1b8f2854d283ffac1eae230f87bd738bc61d3e0bcdadd23cb
5310bb09e1f0d935618f7fa8dc6eb30fd8554b712079f195f3ee72247955e370
54124f8dbf5d3ac6832d4206845a4ed9daa17286d11552f8bc6fa38e15abc5ff
55c5f23ae708f4432112a507aa0d84d2240b7be5116723896eed37ad26f5ad29
5e4981d4fd90b67b9a8a5e60bc448f4076907cf7243e4291236123bf017adae7
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
61d8a192bb4ef46137bb8e534d284fd33f05eee41ff88c0ea7a5cb1d40f513e4
62d2b8d827407d16f0c4ea40b02e663f97552c466527c69c17ae9fcc17c91f6e
6613640a08a451faae58c948547c57708fec95caed47929cd8aa5dac75df08b2
6ae662a5d4fa71f2da72415c617438aab4abdcd500206ecb24bdd68d8bfd28c4
6bfeaffa62bfab842f2a11cada4cf1a85f4b377af5f57480dd3fa99f5d132250
6d17b23bd085ec78f7c0b3b32343d0326e59a88f523931d3af6d2c95fbb92bf1
6efadce41ae376140acf28c0c20ad12dc8f1aedbb605e458bcb59ed9cf2db21e
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
76bf1ebbc8d602065e964581e59c018d8a5e120cb62e2e87a8ddd24068b6e056
776e90e71bdf5486b1f0261db6974fa36031376dcabee2dead18687bfafaf9ea
784b7cd6706f0462d02686fbff7d0bd791a007a836e9137ad41296fed690700f
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7a200701c53c115d1426b0e499872f764a6562e985a39a0796b152b9c31a72ba
7be3885d6747a25b99b829eaa781fd38c633b3b01b5c58f739d43ea85dbac762
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856d10b22b78d8dca542577503906fdda7c04a04a8e5f6fbfe677c02ab92810b
85e28d7be70e582af44f3acd1f08a6aba0669da01f3b655b624b447ebc4e5ec9
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42
8e87f4f46327c4d9bc739a659e46de7cddbd6527f4d0fcc4f72c65386c553c3e
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
95618d0ac377efaa3f06e4584315a42de11d69a86e1eaa00cd0ee23b642bad40
9570064e6fc585f34a2f61e1c1af5ba7fb0acab456da0ab42c0fed419da67644
99f3feb342c97fc25d6133f7557b813bb02c63a320fa496c30173c4a8b2d2182
9c165c794cc085351dba3d30ae0166b1a059a37cef50fe545aa56290d96cbb6a
a0cbf9593925e2b9245b497461b1ff6566672aa9d789212a39952fa00a0bca86
a4ce31570cfb6e868c464bcd6d585472931a0a067e286a0dfd5240d49726e243
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ab67b15b447ad18a142cb1cb479290fbbb78119d70dc005440b13a3dbb25e4b5
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ada575bbeea74f31166efec688e8f9c31a1e4301aef318346d3681f700f72250
aed3952b9dab7c1ab8e3e840e30abe4343d743865118f7ee912894958383420b
b2435d7c00aeb209e451a988bc8b42a8abfbaa59808af3766a3ef12a30436c89
b276b12bb10237fd6ac51425e7b513d7e294345c367a58093d4b0c9ea7fba30d
b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25
b49807c7a2b975537a8ef4a7a5790369c7ba710e65056187143b6414830c4d52
b56ddc51ee4e840a4823d418157810152a00af69643a55e396c479988520b860
b5f4eda1ed506f78c62e4d2a22bd62aee2eb0de40f42e907ee7c08044e50d0fb
b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bd2a129f29805ca234b0c8374aec9b74a9795d1a0d1c3335bf42041839e843aa
bda4f48aa086eae3051a505a9959cf1ae9fab829a934069bdc146547cf79cc6e
be9f2a565ab87f8116aae70b759f704f1a258e8da5e46825f175fa91a130fc7e
c04e655006c626c5248f84f225d7a61788dd14781e1d4dc7e520316e8f4f2e09
c2c25f05092d541c3344cb084648179134e94e3aa3f2b1a3b12c1a3863b776c8
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
c429669a649a411315ea98674b1c38f7a4ea4167a4d094c189635b74c4b90ea6
c51c8d3d2763a08c5bad33551b731b79aa593655637fee6809c3a04788d0bcb5
ca4d251f5084875621c1125b049d340d96821ddc2bfc94bb1a905fe472b49f2f
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690
ce9dac4d65255594816786dd6a3b810bfe4795a5e1780e9f74fb5637d0bf8e54
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe297644c3b39cb2184ab006d06b601f83e155eacb5616e44d6aa79fdd8d115
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
d6e25238d199a625a8cfbb8412fc0b06900eb39c5dd76c41021b540b3e5060e2
d78b51e177a71a98987225594e0074e9ce17c1919f16e489f6e93ea6dc8add29
d8e6a5d4937e46087e0737105389558b6884278d96c4dd7f94c98226b5f23eb4
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e59b33f190619c0a72f134b8a63462def9238acbed251ef993fc84c6e0c54e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e55f74fbd62d2e12800750904cba9f5b4da47182cc2704dc640652280262d537
e60183d47088364f29f11121142e24ebabfb3325a3b7cefcd8f96c6321bf2fd9
e61f5c6cb30eb1216831a24d61cfb38b88fca37d0abe738ccbc2b773920d8e22
e77a15a69bd1b3e4089725d5b500511a96deecf34e2e5ff84cc34a445c292819
e79522da1bfba3d9e473e89c22acc561990785d6c5628f3ca41dc4e7dc05fcdb
e8f71d717299c94a1d30d2380550fb8af3737611e5a8378d1dc3db7215817024
e9e910479dc600f25b5abc21005a63f2025854fc12b887c76fdaf524902bcc0f
ea21f3eca0723de189c15c61888b5ebc021f77a400e50801127d517b5e65aafb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f271315a5c031429b1ec9b37e26c8dd685096314fe220bef4a4a79399db0590e
f621d941db372ba68b944654d10ca497ed6f2bbe036faf92297d3a2ff296d585
f91dd008629b885ba10c558f0b49cfe259f71df735caa798e9985d63ee0c499c
f926e83a74c520528b57f528791861d174476117e8ae480006ae3c34530cbb30
fe5d218d9dcf0c3f7966c738588c89a1e0e5677c11a4dd4bb2e8c91cc5040076

beforeitsnews.com Open in urlscan Pro 2606:4700:10::ac43:e6e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

173 Requests

100 %HTTPS

53 %IPv6

53 Domains

71 Subdomains

57 IPs

9 Countries

22931 kBTransfer

24009 kBSize

5 Cookies

30 Outgoing links

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

100 %
HTTPS

53 %
IPv6

53
Domains

71
Subdomains

57
IPs

9
Countries

22931 kB
Transfer

24009 kB
Size

5
Cookies

173 HTTP transactions
3 data transactions