beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On July 03 via manual (July 3rd 2021, 1:02:12 pm UTC) from AU

Summary HTTP 266 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 61 IPs in 5 countries across 45 domains to perform 266 HTTP transactions. The main IP is 2606:4700:10::6816:4b8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 46	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.193.126 13.224.193.126	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
6	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
6	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3036::6815:eb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:4f57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
4	178.21.113.136 178.21.113.136	29028 (COMPUKOS-AS) (COMPUKOS-AS)
1	2606:4700:303... 2606:4700:3032::6815:eb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:215... 2600:9000:2156:3200:1:93c2:a1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::6815:123e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:403e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	89.40.36.137 89.40.36.137	50939 (SPACE-AS) (SPACE-AS)
11	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
9	13.224.193.63 13.224.193.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 5	13.224.193.109 13.224.193.109	16509 (AMAZON-02) (AMAZON-02)
13	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	3.64.144.49 3.64.144.49	16509 (AMAZON-02) (AMAZON-02)
1	18.158.174.89 18.158.174.89	16509 (AMAZON-02) (AMAZON-02)
1 1	188.34.190.35 188.34.190.35	24940 (HETZNER-AS) (HETZNER-AS)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
19	2600:9000:20e... 2600:9000:20eb:e400:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
38	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	169.59.64.184 169.59.64.184	36351 (SOFTLAYER) (SOFTLAYER)
9	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
16	2a03:2880:f01... 2a03:2880:f01c:20f:face:b00c:0:1823	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f02... 2a03:2880:f02d:101:face:b00c:0:1823	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:f:face:b00c:0:1823	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
266	61

46 2606:4700:10::6816:4b8a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-126.fra2.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:407 (United States)

ASN13335 (CLOUDFLARENET, US)

sphorical.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.255.14 (United States)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:eb9 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:4f57 (United States)

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bnt-cdn.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.21.113.136 (Netherlands)

ASN29028 (COMPUKOS-AS, NL)

robscholtemuseum.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:eb5 (United States)

ASN13335 (CLOUDFLARENET, US)

settingbrushfires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:3200:1:93c2:a1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

photos.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:123e (United States)

ASN13335 (CLOUDFLARENET, US)

lisahaven.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:403e (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalblaze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.40.36.137 (Romania)

ASN50939 (SPACE-AS, RO)

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4a8a (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a2.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.224.193.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-63.fra2.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.193.109 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-109.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.64.144.49 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-144-49.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.174.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.34.190.35 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:20eb:e400:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.59.64.184 (United States)

ASN36351 (SOFTLAYER, US)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f01c:20f:face:b00c:0:1823 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

video-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:101:face:b00c:0:1823 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

video-frx5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:f:face:b00c:0:1823 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

video-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	beforeitsnews.com 1 redirects beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com a2.beforeitsnews.com	1 MB
38	facebook.com www.facebook.com	2 MB
29	tradingview.com s3.tradingview.com s.tradingview.com s3-symbol-logo.tradingview.com	252 KB
24	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	284 KB
21	fbcdn.net scontent-frx5-2.xx.fbcdn.net scontent-frt3-1.xx.fbcdn.net video-frt3-1.xx.fbcdn.net video-frx5-2.xx.fbcdn.net video-frx5-1.xx.fbcdn.net	839 KB
11	youtube.com img.youtube.com www.youtube.com	2 MB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net static.doubleclick.net	39 KB
8	googleapis.com fonts.googleapis.com www.googleapis.com translate.googleapis.com	102 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	67 KB
6	google-analytics.com www.google-analytics.com	58 KB
6	bitchute.com static-3.bitchute.com	206 KB
6	imgflip.com i.imgflip.com	563 KB
6	rmbl.ws sp.rmbl.ws	531 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
5	google.com www.google.com translate.google.com	17 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	robscholtemuseum.nl robscholtemuseum.nl	5 MB
3	rumble.com rumble.com	32 KB
3	jamesredpillsamerica.com jamesredpillsamerica.com	2 MB
3	ytimg.com i.ytimg.com	109 KB
2	lockerdome.com lockerdome.com	3 KB
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	google.de www.google.de	170 B
2	rddywd.com rddywd.com	1 KB
2	brighteon.com photos.brighteon.com	44 KB
2	googletagmanager.com www.googletagmanager.com	72 KB
1	ggpht.com yt3.ggpht.com	1 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	lentainform.com cm.lentainform.com	496 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	218 B
1	sharethrough.com match.sharethrough.com	263 B
1	idealmedia.io cm.idealmedia.io	413 B
1	googlesyndication.com pagead2.googlesyndication.com	48 KB
1	amg-news.com amg-news.com	705 KB
1	wp.com i0.wp.com	28 KB
1	naturalblaze.com www.naturalblaze.com	46 KB
1	lisahaven.news lisahaven.news	1 MB
1	settingbrushfires.com settingbrushfires.com	2 MB
1	b-cdn.net bnt-cdn.b-cdn.net	33 KB
1	iili.io iili.io	327 KB
1	medium.com miro.medium.com	49 KB
1	sphorical.site sphorical.site	39 KB
266	45

	Domain	Requested by
38	www.facebook.com	beforeitsnews.com www.facebook.com
28	beforeitsnews.com	1 redirects beforeitsnews.com
19	s3-symbol-logo.tradingview.com	beforeitsnews.com
18	img.beforeitsnews.com	beforeitsnews.com
16	video-frt3-1.xx.fbcdn.net	www.facebook.com
10	s-img.mgid.com	beforeitsnews.com
9	www.youtube.com	www.youtube.com
9	s.tradingview.com	s3.tradingview.com s.tradingview.com
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc beforeitsnews.com
6	cm.mgid.com	jsc.mgid.com beforeitsnews.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rumble.com
6	static-3.bitchute.com	beforeitsnews.com
6	i.imgflip.com	beforeitsnews.com
6	sp.rmbl.ws	beforeitsnews.com rumble.com
5	x.bidswitch.net	5 redirects
5	sb.scorecardresearch.com	2 redirects jsc.mgid.com beforeitsnews.com
4	www.google.com	beforeitsnews.com www.youtube.com
4	stats.g.doubleclick.net	www.google-analytics.com lockerdome.com
4	robscholtemuseum.nl	beforeitsnews.com
4	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com www.youtube.com
3	rumble.com	beforeitsnews.com rumble.com
3	www.gstatic.com	translate.googleapis.com www.youtube.com
3	jamesredpillsamerica.com	beforeitsnews.com
3	i.ytimg.com	beforeitsnews.com www.youtube.com
2	video-frx5-2.xx.fbcdn.net	www.facebook.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	creativecdn.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	servicer.mgid.com	jsc.mgid.com
2	www.google.de	beforeitsnews.com
2	cdn.mgid.com	beforeitsnews.com
2	c.mgid.com	jsc.mgid.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com
2	rddywd.com	beforeitsnews.com
2	jsc.mgid.com	beforeitsnews.com
2	photos.brighteon.com	beforeitsnews.com
2	img.youtube.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com s.tradingview.com
1	video-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	scontent-frx5-2.xx.fbcdn.net	www.facebook.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	a2.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.lentainform.com	beforeitsnews.com
1	bidswitch-eu.splicky.com	1 redirects
1	match.sharethrough.com	beforeitsnews.com
1	cm.idealmedia.io	beforeitsnews.com
1	secure-assets.rubiconproject.com	1 redirects
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	amg-news.com	beforeitsnews.com
1	i0.wp.com	beforeitsnews.com
1	www.naturalblaze.com	beforeitsnews.com
1	lisahaven.news	beforeitsnews.com
1	settingbrushfires.com	beforeitsnews.com
1	bnt-cdn.b-cdn.net	beforeitsnews.com
1	iili.io	beforeitsnews.com
1	miro.medium.com	beforeitsnews.com
1	sphorical.site	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
266	69

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
mitocopper.com
tinyurl.com
www.5starshine.com
50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net
3b7d7s3fml0cpg51en5xn5u-xz.hop.clickbank.net
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net
widgets.mgid.com
www.mgid.com
herbeauty.co
5startech.bioptimize.hop.clickbank.net
638d5y2gpk3zqffehhwlsg0x2t.hop.clickbank.net
polaraidhealth.com
www.fincabayano.net
www.braintuner.com
telegram.org
hop.clickbank.net
t.me
www.herbanomic.com
401c9z7sokw8o71org6pr43wcw.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.tradingview.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
sp.rmbl.ws R3	`2021-05-20` - `2021-08-18`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-05-06` - `2021-08-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
static-3.bitchute.com R3	`2021-07-03` - `2021-10-01`	3 months	crt.sh
robscholtemuseum.nl R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
*.b-cdn.net Sectigo ECC Domain Validation Secure Server CA	`2020-11-11` - `2021-11-11`	a year	crt.sh
brighteon.com Amazon	`2020-08-21` - `2021-09-20`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
amg-news.com R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.rumble.com DigiCert SHA2 Secure Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 2F6AAE0381298A0B5CD10E4C09868AA2
Requests: 134 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20216313
Frame ID: AE5A00651358C2F8A2EEB507D29896D1
Requests: 3 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20216313
Frame ID: 11CA5B38D9F4B1F9A04C38E543BD9083
Requests: 5 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 81AEC1E45CC595BE509837FFAD0B19D7
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/zrt_lookup.html
Frame ID: 3E341B3DABB189658C1DBB584845F0E2
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1625317308233718854522
Frame ID: C5FE90C825631D812565BE0E4A3FA7B9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 3E8160738E83A8CDC014F2EC4940DB71
Requests: 3 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 8EE945DF786F5C899DAF57C73A120A9C
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 3D6C1F05E61A3A7E09DE25F996001453
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 6DF5A669542A807593CCA1BA505F8D39
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 659EB6126D1A0251D6F574E5D3DC7842
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
Frame ID: C9A43610065A08B501B71874CB280E27
Requests: 59 HTTP requests in this frame

Frame: https://rumble.com/embed/vgq7gz/?pub=hw409
Frame ID: DDEF8A0630D7B44EC9A3B5787381B84D
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Kxdadyu1_S8
Frame ID: D5E04C059495A3037AC97AE3FC584E48
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

266
Requests

100 %
HTTPS

62 %
IPv6

45
Domains

69
Subdomains

61
IPs

5
Countries

19999 kB
Transfer

34943 kB
Size

8
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/lions-mane-whole-mind-nootropic-blend-60-capsules/
Title: Learn How To Sharpen Your Focus, Improve Mental Clarity and Enhance Mood Functions

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c

Search URL Search Domain Scan URL

URL: http://www.5starshine.com/

Search URL Search Domain Scan URL

URL: https://50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net/?tid=BINRTL21129
Title: Have You Been Struggling With Obesity But Can’t Figure Out Why? You MUST Watch This Now!

Search URL Search Domain Scan URL

URL: https://3b7d7s3fml0cpg51en5xn5u-xz.hop.clickbank.net/?tid=BINRTL1121320
Title: US Nuclear Target Map. Do You Live in The Danger Zone?

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: How To Manifest Anything You Desire In Life

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net/?tid=BINPTL
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://herbeauty.co/lifestyle/meet-woebot-a-therapist-in-an-app/

Search URL Search Domain Scan URL

URL: http://5startech.bioptimize.hop.clickbank.net/?w=mag
Title: 80% Of Americans Are Deficient In This Very Vital Nutrient. Click Here To Find Out What It Is

Search URL Search Domain Scan URL

URL: https://638d5y2gpk3zqffehhwlsg0x2t.hop.clickbank.net/?tid=MANIFESTATION_MIRACLE_BANNER

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: BEFORE IT'S NEWS ON TELEGRAM * GET THE TELEGRAM APP - https://telegram.org

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459
Title:

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/foodtravel/quick-recipes-you-should-try-in-2021/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/home/16-cleaning-and-hygiene-tips-to-help-keep-the-covid-19-virus-out-of-your-home/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/entertainment/7-beloved-movies-that-would-be-problematic-today/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/10-of-the-worlds-most-famous-female-spies/

Search URL Search Domain Scan URL

URL: https://hop.clickbank.net/?affiliate=5startech&vendor=totalpat&p=clt&tid=BINRTL11221
Title: FREE Invisible Night Vision Cap Light - Just Pay Shipping - Click Here For Details

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex
Title: THIS Humic Fulvic Complex Has Provided Major Health Benefits To Thousands. (See VIDEO)

Search URL Search Domain Scan URL

URL: https://401c9z7sokw8o71org6pr43wcw.hop.clickbank.net/?tid=BINRTL11129
Title: NEW Breakthrough Product Helps You To Look and Feel Better GUARANTEED! Must-See Video

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Tiny Self Defense Tool Drops a 270 Thug In 2 Seconds - Get Yours Now!

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/certified-organic-biotin/
Title: What Vitamin Gives You Beautiful Hair, Strong Nails, Amazing Skin and Helps Lose Weight? (VIDEO)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 124

https://x.bidswitch.net/sync?dsp_id=303&user_id=l63MKi9QSC16 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l63MKi9QSC16 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=9f9f9385-f410-426a-b2b1-c3357fde3f2b&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

Request Chain 125

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=9f9f9385-f410-426a-b2b1-c3357fde3f2b HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=9f9f9385-f410-426a-b2b1-c3357fde3f2b HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=9f9f9385-f410-426a-b2b1-c3357fde3f2b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 126

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=7f0921be-62c4-4399-97c6-7d6e4cf81dad&ttl=1627909308

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDYzTUtpOVFTQzE2&muidn=l63MKi9QSC16 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDYzTUtpOVFTQzE2&muidn=l63MKi9QSC16&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=l63MKi9QSC16&google_ula={guid},5&google_gid=CAESEIru8SWzwPqskc5jZHsLxDE&google_cver=1

Request Chain 129

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=RwcrUN5pUNfwWJekuCAN&pi=mgid&tc=1

Request Chain 130

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1625317308342&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625317308342&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

Request Chain 131

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1625317308343&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625317308343&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

266 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

119 KB
23 KB

653ms
637ms

Document
text/html

2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0f0485fd81f67c9549618a6c415a3e7dcfdcf01e97ebef16b2b3287cc8c909e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-type: text/html; charset=UTF-8
cf-ray: 66904deeeb614a8b-FRA
access-control-allow-origin: *
cache-control: private
set-cookie: SERVERID=s1; path=/ __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; SameSite=Lax; path=/; expires=Sat, 03-Jul-21 15:19:47 GMT; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Sat, 03 Jul 2021 13:01:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 03 Jul 2021 14:01:46 GMT
Location: https://beforeitsnews.com/
cf-request-id: 0b0e0f0937000017767b85b000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 66904deebd971776-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 _KRSshvvWcFjj8eVhUL7TTu75W0.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 49ms
28ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2542133
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: K522D3R0RH0204P8
x-amz-id-2: asuqKPIQP/RST6NJ+S20Sw1PTYqLIM9dgZlD6+5N2El6vJsSdDsTDZBoA0aoi2ufLwyrsyk0Zao=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7f176f4cc71059e93db3ae6263ce5c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iruw_GjpCNwc.7p7jDS427AkLHWsll2i
cf-ray: 66904df31eb44e4f-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
694 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0f5c7d6f0606594605c8cca0cef44484910c96a8c5d2e22c64fb897d5f00da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 03 Jul 2021 12:51:04 GMT
server: ESF
date: Sat, 03 Jul 2021 13:01:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jul 2021 13:01:47 GMT

GET
H3-29 200 global-bin-rev-20210610.css
beforeitsnews.com/static/css-v3/ 15 KB
4 KB 49ms
28ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/global-bin-rev-20210610.css
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992162
cf-polished: origSize=15665
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:36:32 GMT
server: cloudflare
etag: W/"60c1f940-3d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904df31ea94e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:05 GMT

GET
H3-29 200 fancybox-bin-rev-20210610.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 61ms
41ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20210610.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/fancybox-bin-rev-20210610.css
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992162
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:36:32 GMT
server: cloudflare
etag: W/"60c1f940-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904df31eaf4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:05 GMT

GET
H3-29 200 home-bin-rev-20210610.css
beforeitsnews.com/static/css-v3/ 28 KB
7 KB 62ms
41ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20210610.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4d0681893439b801c23f95b6ee65d6f7665a770e79c662e432c6fd62cd25f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/home-bin-rev-20210610.css
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1991842
cf-polished: origSize=29097
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:36:32 GMT
server: cloudflare
etag: W/"60c1f940-71a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 66904df31eb34e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:44:25 GMT

GET
H3-29 200 responsive-bin-rev-20210610.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 61ms
40ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20210610.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bb10375fd4cee8c271968dec8a2bfe4b3913b7a66f4862ab1c814c9088a2bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/css-v3/responsive-bin-rev-20210610.css
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992162
cf-polished: origSize=20566
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:36:32 GMT
server: cloudflare
etag: W/"60c1f940-5056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904df31eae4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:05 GMT

GET
H3-29 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 46ms
26ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jquery-fancybox-mobiledetect-uuid.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 893709
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 66904df31eac4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 30 Jun 2021 04:46:38 GMT

GET
H3-29 200 global-bin-rev-20210610.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 52ms
32ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20210610.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/global-bin-rev-20210610.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992162
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:35:54 GMT
server: cloudflare
etag: W/"60c1f91a-3145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904df31eab4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:05 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 44ms
31ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 73240
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 16:41:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df38dfd4a8b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 10 KB
11 KB 114ms
39ms Script
text/javascript 13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c481abeecbc6afc66ddd1f4aff8e1f9f4bf862a6d4ebd07aa65ed78749ba7a2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 10:38:16 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Fri, 02 Jul 2021 10:38:05 GMT
server: AmazonS3
age: 8612
etag: "8e70d699b08fe0ba8bf254ccd0a04330"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10517
x-amz-cf-id: HX4oyxBy4Lrw4B562hDhAv2HIHOomn2w0ofaJdRRjw0iQkyVhqcLgQ==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 43ms
30ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1323924
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 18 Jun 2022 05:16:23 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df38e024a8b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
187 B 44ms
31ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 69762
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 17:39:05 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df38dfb4a8b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/Ef7PdJQZr3k/ 17 KB
17 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Ef7PdJQZr3k/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c936a80440cdce5fff81cd947b9ca700f9632e5ca1848bb3fc31abc33539bb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:21:30 GMT
x-content-type-options: nosniff
server: sffe
age: 2417
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17083
x-xss-protection: 0
expires: Sat, 03 Jul 2021 14:21:30 GMT

GET
H2 200 scientist_reveals_real.jpg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 41ms
28ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 71134
cf-polished: origFmt=jpeg, origSize=55516
content-disposition: inline; filename="scientist_reveals_real.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 46020
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-d8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 17:16:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df38e044a8b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 tabs-bin-rev-20210610.js Show response
beforeitsnews.com/static/js-v3/ 148 B
697 B 38ms
38ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20210610.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/tabs-bin-rev-20210610.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992161
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:35:58 GMT
server: cloudflare
etag: W/"60c1f91e-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904df36f424e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:06 GMT

GET
H2 200 12098 Show response
sphorical.site/easylist/ 203 KB
39 KB 167ms
137ms Script
text/javascript 2606:4700:3036::6815:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sphorical.site/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e96f2825e34c6339ae9da28b4a6cf8c7d6565b76184c13e7de08b420ff2221f4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"30094ffee1428d6f31eee703afc886c7ca226381"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TZG2AruYcuPrhoNIUJwnZsGczocjpn%2FbD7UcFx3Ajj6Ujpr2b4oKB%2FArK%2FlsEi5%2Fx83WzxDQSZlwqk1wrQjvPb12oLDa9l4OeyL%2BeKJeygWnyZeLFwx8lMe3%2Fqb%2FwRqMAQmV3MXqk7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 66904df3ad5696ce-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c742ac1fd130e0087a412627b2cc4debc06c4c5f2274aea04cd9f1a23cbf170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37013
x-xss-protection: 0
last-modified: Sat, 03 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jul 2021 13:01:47 GMT

GET
H3-29 200 jsDeferParsing-bin-rev-20210610.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
1 KB 27ms
27ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20210610.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d844320be6d38c9e4903a6fee7b42d7315bb8a3086b1cc2df61f04cbeda3637

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jsDeferParsing-bin-rev-20210610.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992161
cf-polished: origSize=6187
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:35:56 GMT
server: cloudflare
etag: W/"60c1f91c-182b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904df36f444e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:06 GMT

GET
H3-29 200 DN2ljmq1lJUOI91HMatC4Qo4fdo.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2542133
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: JR6EVHYMTJPD9H89
x-amz-id-2: 8lqjof8CU3XqhE0pk6LDDUMzxj+w482f/KOSMK+I550PkoTLDrFicJlQCUhcBFYe1GbLVzAJEHg=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7a6e84d6417ab337f05fd7000f282762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: aBVNeaiVU3H7gys1mI2xPATDTQBfk7Cv
cf-ray: 66904df37f634e4f-FRA

GET
H3-29 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
735 B 26ms
26ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/top-bg.png
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 70153
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 17:32:34 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904df37f654e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 20ms
20ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/b4in/search.png
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 75697
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 16:00:09 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904df37f684e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v36/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 12:54:08 GMT
x-content-type-options: nosniff
age: 259659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16364
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:31:28 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 12:54:08 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v9/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 05:54:22 GMT
x-content-type-options: nosniff
age: 284845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15124
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:18:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 05:54:22 GMT

GET
H3-29 200 untitled(2).png
img.beforeitsnews.com/contributor/upload/106013/images/ 104 KB
105 KB 44ms
41ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/untitled(2).png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892e1745fa1d90670bc75a601352acca7c6dfad725ca6adea32b8598701cf7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 72908
cf-polished: origFmt=png, origSize=179546
content-disposition: inline; filename="untitled(2).webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 106458
last-modified: Fri, 21 Aug 2020 11:45:49 GMT
server: cloudflare
etag: "5f3fb3ed-2bd5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 16:46:39 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f8594e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 3QQ7b.qR4e-small-BREAKING-NEWS-CCP-DEFECTOR-.jpg
sp.rmbl.ws/s8/1/3/Q/Q/7/ 149 KB
149 KB 154ms
82ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/3/Q/Q/7/3QQ7b.qR4e-small-BREAKING-NEWS-CCP-DEFECTOR-.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5097d51b2ac7ffec58d3985e350678641385cd724eac23d5ad51494f01bbb1e1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
last-modified: Thu, 01 Jul 2021 17:03:48 GMT
etag: "84f69d1c047fd9878dfdde6cb3d84802"
x-hw: 1625317307.cds065.sk1.hn,1625317307.cds016.sk1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 152133

GET
H3-29 200 R.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 63 KB
64 KB 28ms
24ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de4dd491ad91e7078b2dd4a11ab60280ce8d75ea8ceed2d2076586bb85499c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 77611
cf-polished: origSize=67547, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 64696
last-modified: Fri, 02 Jul 2021 15:18:04 GMT
server: cloudflare
etag: "60df2e2c-107db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 15:28:16 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f85f4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 hqdefault%20(1)(5).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 23 KB
24 KB 36ms
32ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault%20(1)(5).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f307e63fa3f45740110f8eeb62fcb1e9cbcf5189aa5d40aacc317ccb4d66f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 130846
cf-polished: origSize=24814, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23916
last-modified: Thu, 08 Oct 2020 00:06:31 GMT
server: cloudflare
etag: "5f7e5807-60ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 00:41:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f8654e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5f8rc1.jpg
i.imgflip.com/ 59 KB
59 KB 85ms
33ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5f8rc1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e1423f9d6821667a0b3c65d2d00fffd9ed219f6b3514d7ee6d5893239cfb54e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
age: 87039
cf-polished: origSize=60789
cf-ray: 66904df45e93d891-CPH
content-length: 60298
x-amz-id-2: H/36443+OSW0kx/KSFmOjokDY4NJ7otiVV1hZgyRtNihgxzRmi1Dp6kVUBiVdaQAWzW8QCIILPQ=
last-modified: Fri, 02 Jul 2021 12:46:52 GMT
server: cloudflare
etag: "dbf4eb92591bbaba8fdbe560fc57bf22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: J7TAWWJRVR80D9G1
access-control-allow-origin: *
expires: Tue, 01 Jul 2031 13:01:47 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3-29 200 maxresdefault(146).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 19 KB
19 KB 42ms
36ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/maxresdefault(146).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b349827c1b1596d5382ab767d0ddf304b61d7b3b0a2d97004b2a3ab75edf78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 63559
cf-polished: origSize=20112, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19314
last-modified: Fri, 05 Feb 2021 16:22:26 GMT
server: cloudflare
etag: "601d70c2-4e90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 19:22:28 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f86e4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 1*Rjvs6uKDvGhm5lNtWbGDbQ.jpeg
miro.medium.com/max/700/ 48 KB
49 KB 54ms
28ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*Rjvs6uKDvGhm5lNtWbGDbQ.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ff4fb18f12a2cf2111cb3f982796895b75542f1308b41fa594706d426c1f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 278
x-envoy-upstream-service-time: 131
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 49642
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210625-142430-abd62260a9
accept-ranges: bytes
cf-ray: 66904df41fd816f2-FRA
expires: Mon, 02 Aug 2021 13:01:47 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/vKm996gC3iE/ 7 KB
7 KB 33ms
6ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/vKm996gC3iE/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00e8e2754cf8d62948bfc6874827336c44edf43285c38478f5d72df8c3da84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:01:56 GMT
x-content-type-options: nosniff
server: sffe
age: 3591
etag: "1624896197"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7198
x-xss-protection: 0
expires: Sat, 03 Jul 2021 14:01:56 GMT

GET
H3-29 200 Invaders_25_Dark_Outpost-1(1)(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 29 KB
29 KB 37ms
31ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Invaders_25_Dark_Outpost-1(1)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cc136775653a81f3cc7b882958d8d66be61a89f20431c5ca1f07f0075ebb304

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 45133
cf-polished: origSize=33003, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29582
last-modified: Tue, 09 Feb 2021 15:17:25 GMT
server: cloudflare
etag: "6022a785-80eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 03 Jul 2022 00:29:34 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f8714e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 POOF.jpg
jamesredpillsamerica.com/images/ 672 KB
673 KB 56ms
18ms Image
image/jpeg 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/POOF.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f73142070cf0aaddcbcf11e81d4546f681083413a9b9dc30a47b1c0a2e4b147

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 38435
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 687816
last-modified: Sat, 03 Jul 2021 01:55:09 GMT
server: cloudflare
etag: "60dfc37d-a7ec8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xmAa%2BFBFQ8TQZhZBrcoxRp6cA%2BqJDyGeaHSSv%2F3W5IYPuS0ZJaLX2vLAgE2v6rOmajn4fL15SAn1gN%2BHqhgpmMkORBhImjl6r3aVGk6wqrOi0by%2BJlCjhGBAPizlTEBzl9j1Nu8FrOvE%2F19QeXrSFRFa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df42c2f2b59-FRA
expires: Sun, 03 Jul 2022 02:21:11 GMT

GET
H3-29 200 OIP%20(1)gggg(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 34 KB
34 KB 41ms
35ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)gggg(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b7dbdfdde557111bb449efebcd6f8b789e3074373ba021763af12a97d6b6387

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 493187
cf-polished: origSize=37337, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34369
last-modified: Sun, 27 Jun 2021 19:54:06 GMT
server: cloudflare
etag: "60d8d75e-91d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 27 Jun 2022 20:02:00 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f8724e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ox2HwG.jpg
iili.io/ 326 KB
327 KB 43ms
13ms Image
image/jpeg 2606:4700:3031::6815:4f57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/ox2HwG.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4f57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72eee15ae964939884b562c91cfcdd8a4d7de887185fb9ff11016e0ad430d39

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
access-control-allow-methods: GET, OPTIONS
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 36626
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 333980
last-modified: Sat, 03 Jul 2021 01:12:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0O7ewEnKCQ7ugrGLiJ1W5J5YzKWKk6t9%2BFjfObKEodG3G2v57luKFr8VATjN5zkgxCJl6qbFS%2FzY8KwpjYFb1ByiFEtFkOcdmu56G%2BsqSFnuAwn8UZyLC92f8%2BRgtXHrDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 66904df41dd22bdd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mLqMCN1urDWd_640x360.jpg
static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/ 44 KB
45 KB 177ms
79ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Htw7sVXytG2m/mLqMCN1urDWd_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

2e53c00b4602d29acb9141b71a0a25fb41b7d87c6d82feb4dbc8328a1608d960

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000006bb4d0c-0060df954c-5206bc3-nyc3a
cdn-cachedat: 2021-07-03 00:38:04
cdn-pullzone: 89010
content-length: 45263
last-modified: Fri, 02 Jul 2021 22:12:20 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: d668ee085c687053c2d2f22e5d663a10
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H3-29 200 download%20-%202021-07-02T174335_237%20(3).jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 26 KB
26 KB 54ms
48ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/download%20-%202021-07-02T174335_237%20(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b38dd1f2ceedac97f871e11e018963494ef18b2b214b378c43b0913cf547af6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29777
cf-polished: origSize=53171, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26340
last-modified: Sat, 03 Jul 2021 04:29:45 GMT
server: cloudflare
etag: "60dfe7b9-cfb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 03 Jul 2022 04:45:30 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f8734e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK What-On-Earth-Happened1-tm-13-foto-YouTube-scaled.jpg
robscholtemuseum.nl/wp-content/uploads/2021/07/ 204 KB
204 KB 163ms
51ms Image
image/jpeg 178.21.113.136
COMPUKOS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://robscholtemuseum.nl/wp-content/uploads/2021/07/What-On-Earth-Happened1-tm-13-foto-YouTube-scaled.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.21.113.136 , Netherlands, ASN29028 (COMPUKOS-AS, NL),

Reverse DNS

Software

y-wh mod_fcgid/2.3.9 PHP/5.4.16 /

Resource Hash

27db63fa0690baeb3da9cf4c50db5939e67830952794cead83f830f1a3cc9567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jul 2021 13:01:47 GMT
Last-Modified: Sat, 03 Jul 2021 02:08:02 GMT
Server: y-wh mod_fcgid/2.3.9 PHP/5.4.16
ETag: "32f6a-5c62e8acb1094"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 208746

GET
H2 200 STRuoJweIZHE_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 35 KB
35 KB 138ms
53ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/STRuoJweIZHE_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

bdda83b82c9a8c9800db579af213ce4660698a7079a0a64bc045e6ee1490a2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cdn-edgestorageid: 755
x-amz-request-id: tx000000000000006b3599e-0060df99dd-521072d-nyc3a
cdn-cachedat: 2021-07-02 22:57:33
cdn-pullzone: 89010
content-length: 35759
last-modified: Fri, 02 Jul 2021 22:52:06 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 31439873f5a5e3044e8dea328290f254
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 jS97b.qR4e-small-SITUATION-UPDATE-7221.jpg
sp.rmbl.ws/s8/1/j/S/9/7/ 100 KB
100 KB 88ms
31ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/j/S/9/7/jS97b.qR4e-small-SITUATION-UPDATE-7221.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 795568e2ce378173973dd5558d429526ea5d679382c35d42fda3768de1e9d9d8

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
last-modified: Fri, 02 Jul 2021 20:34:41 GMT
etag: "bb46371684c178d06332ab3c5b903ee9"
x-hw: 1625317307.cds065.sk1.hn,1625317307.cds231.sk1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 102478

GET
H2 200 Yq7tpAMs8z6p_320x180.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 18 KB
19 KB 163ms
79ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/Yq7tpAMs8z6p_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

473c0c16cb2f3a17e4e211ae1505c4a01e02247de73c05d4545fa0a802033bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cdn-edgestorageid: 756
x-amz-request-id: tx0000000000000050902aa-0060dbe528-521072d-nyc3a
cdn-cachedat: 2021-06-30 05:29:44
cdn-pullzone: 89010
content-length: 18909
last-modified: Wed, 30 Jun 2021 03:26:37 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 62cd9ddd7ef6499c7699124cb62e9d80
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 mowsrjWjtC5p_640x360.jpg
static-3.bitchute.com/live/cover_images/8LyqCWp3SSH4/ 38 KB
39 KB 156ms
71ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/8LyqCWp3SSH4/mowsrjWjtC5p_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

2be764d0ba481df1ab2500790a145ba4fcd4fab0a4a927f5c0ea8e027e22ad7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-07-02 02:51:02
cdn-pullzone: 89010
content-length: 39362
x-amz-request-id: tx000000000000004b54e49-0060de62f6-523395d-nyc3a
last-modified: Fri, 02 Jul 2021 00:46:12 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 1b817faae30ffc8c388628af6c695f58
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 YgjzTfOVARVp_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 40 KB
41 KB 523ms
439ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/YgjzTfOVARVp_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

c0d772ac64e69a9a301d5ea81e1f3cddb59f2438eaf22b599ec5fe8a0d8e8446

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cdn-edgestorageid: 565
x-amz-request-id: tx0000000000000062443ea-0060de4dce-5206bc3-nyc3a
cdn-cachedat: 2021-07-02 01:20:46
cdn-pullzone: 89010
content-length: 41318
last-modified: Thu, 01 Jul 2021 23:11:55 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 25152e9ab7ece19cebc5aee640a84fdf
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 5f4z14.jpg
i.imgflip.com/ 79 KB
80 KB 114ms
77ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5f4z14.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c81451d9b65974bb499de443a7ef72f4fed79c7165a9a975348f252c0b5c6d2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
age: 167723
cf-polished: origSize=81708
cf-ray: 66904df45e95d891-CPH
content-length: 81340
x-amz-id-2: 1i9NuSK3UjYY3pP6m3Q5ywiQb5qgLor+upcV8iH31vwQv/f4QxwOOx8lqm/JKKoSXSl3HdyZkN8=
last-modified: Thu, 01 Jul 2021 14:21:35 GMT
server: cloudflare
etag: "d4b93aa02e4ca5c42e97e95b02eadfb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 3SV60V6J1NDNCT5H
access-control-allow-origin: *
expires: Tue, 01 Jul 2031 13:01:47 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3-29 200 154052839_3804964539586459_6964768261418731613_n.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 24 KB
25 KB 54ms
49ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/154052839_3804964539586459_6964768261418731613_n.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3589a507d7265dfa010f90dfb9335d6a2b790872bda92fabb42ecce357b2611f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49298
cf-polished: origSize=27065, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24493
last-modified: Fri, 02 Jul 2021 23:03:38 GMT
server: cloudflare
etag: "60df9b4a-69b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 23:20:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f8754e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 RQcF6JLNFphnJVahO2rk_05_0f6b4b2047c74f8661b6bc1718aec38f_image.jpg
bnt-cdn.b-cdn.net/upload/photos/2020/09/ 33 KB
33 KB 141ms
53ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnt-cdn.b-cdn.net/upload/photos/2020/09/RQcF6JLNFphnJVahO2rk_05_0f6b4b2047c74f8661b6bc1718aec38f_image.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE1-713 /
Resource Hash: 6605e5e02ccbdf479a9fb8962c3b16ac3aca8d0831c128a0c7e208dc846e937e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cdn-edgestorageid: 632
cdn-storageserver: DE-51
cdn-cachedat: 2021-06-08 21:09:30
cdn-pullzone: 346071
content-length: 33657
last-modified: Fri, 16 Apr 2021 21:51:50 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: ba3dbe41-b895-4fc3-945e-7bbce5e2fd7a
cache-control: public, max-age=2592000
cdn-requestid: 29e70a63877aecbb9c6d2c6ad9178ef5
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 Dr.-Andreas-Kalckers-Chlorine-Dioxide-Study-Is-Out-The-Results-Are-Incredible.jpg
settingbrushfires.com/wp-content/uploads/2021/06/ 2 MB
2 MB 75ms
40ms Image
image/jpeg 2606:4700:3032::6815:eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://settingbrushfires.com/wp-content/uploads/2021/06/Dr.-Andreas-Kalckers-Chlorine-Dioxide-Study-Is-Out-The-Results-Are-Incredible.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e88b8590e895a4f2c75d93ffe0cd77742e4b0ae50a4ac4d09e5974a56ca2c7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 775572
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1732598
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 24 Jun 2021 13:32:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vNVJJ5ivzR4UPio%2BhFLptMMJA5%2B0e5S8ty2QInDWu1t9VChCZwAD5QcHIRVFAF36TVhCGitPddFWilNBHHRRmApAKbMYGx4ZjYQKzMbfwyEJh5SDl9udIhAJN8m9amy96BQWqqPw%2FBrOm5IDqp77"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df469252b71-FRA
expires: Fri, 24 Jun 2022 13:35:35 GMT

GET
H2 200 5dxhvs.jpg
i.imgflip.com/ 207 KB
207 KB 97ms
93ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5dxhvs.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 674cd866661680e597374faa299658c7a8703c221e7900ac3119bcdc3a472e7e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
age: 1114809
cf-polished: origSize=214552
cf-ray: 66904df45ea4d891-CPH
content-length: 211757
x-amz-id-2: I99WooUDa1ZKF0bDH1Bc90+57XdXt4R8Y+Dfo2whzgnCttkUQNet0gfkL8nrUJVlDGcTVM0vuCo=
last-modified: Sun, 20 Jun 2021 15:12:34 GMT
server: cloudflare
etag: "106b6a60a3e6eeb80b4da6fb56eeb089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 88Z4VD9ANWBW6DVJ
access-control-allow-origin: *
expires: Tue, 01 Jul 2031 13:01:47 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 7706673f-1a9a-49ae-8ae1-7870ac20bf49
photos.brighteon.com/thumbnail/ 24 KB
24 KB 57ms
14ms Image
image/jpeg 2600:9000:2156:3200:1:93c2:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.brighteon.com/thumbnail/7706673f-1a9a-49ae-8ae1-7870ac20bf49
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3200:1:93c2:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8215424cf0c53d83214760b379ddad6eff056e9dd8a64a9c7e8f40a5aba821f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 15:50:38 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Fri, 02 Jul 2021 14:44:17 GMT
server: AmazonS3
age: 76270
etag: "d69f72cbd502c14df86880ea03746699"
x-cache: Hit from cloudfront
x-amz-meta-optimized: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 24288
x-amz-cf-id: XPAZUyt8LLBsMNK3gatZs_hO1sC5cfkyKQNkernrGYH8YZjiCzu18w==

GET
H3-29 200 hqdefault.jpg
img.youtube.com/vi/iHFSbq9WwO4/ 42 KB
42 KB 24ms
7ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/iHFSbq9WwO4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de5c68f8e804e74663d3133a488612b1cd12038ea25f2a39128b51cfc78480e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:59:34 GMT
x-content-type-options: nosniff
server: sffe
age: 133
etag: "1624551100"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43084
x-xss-protection: 0
expires: Sat, 03 Jul 2021 14:59:34 GMT

GET
H2 200 5f6qrw.jpg
i.imgflip.com/ 76 KB
76 KB 123ms
113ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5f6qrw.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a25eed2a4aca273494f7d96a84e0319fe77e613d53ac9fab513e843b43d33fa

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
age: 138153
cf-polished: origSize=78241
cf-ray: 66904df46eb5d891-CPH
content-length: 77856
x-amz-id-2: L3jsZ5O19gSHqwLkaiQ3vuscrn7wuIBiP+LkOwzmcphSRzPLIb78+a0FUKoSDoh9cZol5JFD6LE=
last-modified: Thu, 01 Jul 2021 22:33:58 GMT
server: cloudflare
etag: "c726a3aa861872e289132e62b80905ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4T11DHWFCNN3YYRN
access-control-allow-origin: *
expires: Tue, 01 Jul 2031 13:01:47 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3-29 200 elon-musk-1.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 30 KB
31 KB 55ms
51ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/elon-musk-1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c482195ca466e9368874d0bd518aef7f74c3d9b36f8ff43013bdff9e67bd148

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 137951
cf-polished: origSize=32351, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30902
last-modified: Thu, 07 May 2020 16:00:12 GMT
server: cloudflare
etag: "5eb4308c-7e5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Jul 2022 22:42:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f8774e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 WHISTLEBLOWERS.jpg
jamesredpillsamerica.com/images/ 786 KB
787 KB 37ms
19ms Image
image/jpeg 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/WHISTLEBLOWERS.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8880084ac52ba3deb259d4089d6303d1fb6a5e5c2ae5dda6c8256d83f9eee33

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 738532
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 804994
last-modified: Thu, 24 Jun 2021 23:51:47 GMT
server: cloudflare
etag: "60d51a93-c4882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RAIHzpHugeGNOsaLTSpaQ0Zy4RxooC%2Bm6FFoU5oc0HLDfKdEcnUJTvGixoCIqL%2B8XHBXWR8I1jIiiq%2FGi484h%2BiBTklZHWDCb93OSik0tg6AELCXCAbKedAt39RL2%2FMYM4uKd5CcmvVp3nd0ZGk1LUa1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df469102c52-FRA
expires: Fri, 24 Jun 2022 23:52:55 GMT

GET
H3-29 200 58836eb68d0b20a68ac08579ba2c28f3(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 13 KB
13 KB 56ms
53ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/58836eb68d0b20a68ac08579ba2c28f3(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bbb1f3a4684166859f238185f3825aa0e7b1ef293b393fef209143f0f8152f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 70702
cf-polished: origSize=15956, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12897
last-modified: Fri, 02 Jul 2021 17:03:38 GMT
server: cloudflare
etag: "60df46ea-3e54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 17:23:25 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f8794e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 FRAUD-FAUCI.jpg
jamesredpillsamerica.com/images/ 844 KB
844 KB 31ms
13ms Image
image/jpeg 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/FRAUD-FAUCI.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc4b03b1b82393783ce510c14e2cca763e352a412d5da0c79b6594573af53b4e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 216044
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 863771
last-modified: Wed, 30 Jun 2021 22:27:27 GMT
server: cloudflare
etag: "60dcefcf-d2e1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=riJJBeU0vzMRCMl1xG0V%2Bbr5gJwghAmjRHGI5%2Fhrs5ZTkFsNwuX%2B3KddIUjlQWy3CwG4rqwZBO%2FSQnea5czQZBVZcwmRk2ZXZ1mA9uz7%2F9AqXLIsk0o7w%2Fe%2BYlDht867fVnkaUqFckVtMCH4Ihrg1WnN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df4690c2c52-FRA
expires: Fri, 01 Jul 2022 01:01:03 GMT

GET
H/1.1 200
OK Antarctica-and-the-Origins-of-the-Dark-Fleet-foto-Vimeo-1-scaled.jpg
robscholtemuseum.nl/wp-content/uploads/2021/07/ 429 KB
429 KB 154ms
39ms Image
image/jpeg 178.21.113.136
COMPUKOS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://robscholtemuseum.nl/wp-content/uploads/2021/07/Antarctica-and-the-Origins-of-the-Dark-Fleet-foto-Vimeo-1-scaled.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.21.113.136 , Netherlands, ASN29028 (COMPUKOS-AS, NL),

Reverse DNS

Software

y-wh mod_fcgid/2.3.9 PHP/5.4.16 /

Resource Hash

9ab5784798bb5524845afef2ca4a44469511410c5e055add9a5deca2a253e877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jul 2021 13:01:47 GMT
Last-Modified: Sat, 03 Jul 2021 07:16:37 GMT
Server: y-wh mod_fcgid/2.3.9 PHP/5.4.16
ETag: "6b378-5c632da5d9e94"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 439160

GET
H2 200 XhX7b.qR4e-small-SITUATION-UPDATE-7121.jpg
sp.rmbl.ws/s8/1/X/h/X/7/ 100 KB
101 KB 113ms
110ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/X/h/X/7/XhX7b.qR4e-small-SITUATION-UPDATE-7121.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 4719921e36895d8f53e9bc3e6239f80e5ad9c68d856473f43b6c483d615652ec

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
last-modified: Fri, 02 Jul 2021 01:36:36 GMT
etag: "0b7f9a27eb82236a6375e101eccbb448"
x-hw: 1625317307.cds065.sk1.hn,1625317307.cds213.sk1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 102766

GET
H3-29 200 hqdefault(248)%20(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 20 KB
20 KB 57ms
53ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(248)%20(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2afc8a488dd591afcf9ee6f6e91f808834fa48a16c477a6cdb3965c5796f3e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 142777
cf-polished: origSize=21041, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20287
last-modified: Wed, 07 Apr 2021 15:46:45 GMT
server: cloudflare
etag: "606dd3e5-5231"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Jul 2022 21:22:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f87c4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Screen-Shot-2021-07-02-at-10.47.10-AM.png
lisahaven.news/wp-content/uploads/2021/07/ 1 MB
1 MB 55ms
19ms Image
image/png 2606:4700:3031::6815:123e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lisahaven.news/wp-content/uploads/2021/07/Screen-Shot-2021-07-02-at-10.47.10-AM.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3031::6815:123e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca0e70196fb6560eb5ade04a93cff4450f6486cf07c5b11fd0a0e419664b6c34

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2629
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1073460
last-modified: Fri, 02 Jul 2021 17:55:46 GMT
server: cloudflare
etag: "106134-5c627aa48cb94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eioxKAgs%2BKydPHtoNpMhah1rKFkiA3PhAFfZY%2BV16Ya4Nq05uPzcg2XCquXbxEqfFWRSFsc2DVeKypVvuATSv%2BYsfalVbkjOeIfLLhXpvp8AiUx%2Br9cz7EM0%2BeVmVzK27mAo6uxVk6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 66904df4ef3b05d4-FRA

GET
H2 200 5b66b.qR4e-small-Charlie-Ward-and-Mel-K-Stor.jpg
sp.rmbl.ws/s8/1/5/b/6/6/ 121 KB
121 KB 97ms
95ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/5/b/6/6/5b66b.qR4e-small-Charlie-Ward-and-Mel-K-Stor.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7a8ac72f552e8098ae08b576b2b1b13d55df74faf91c20e4eb01603f919bea3a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
last-modified: Mon, 28 Jun 2021 23:35:05 GMT
etag: "4328c5176b41d391dd6ea02ce920b27c"
x-hw: 1625317307.cds065.sk1.hn,1625317307.cds218.sk1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 123886

GET
H2 200 battle.jpg
www.naturalblaze.com/wp-content/uploads/2021/07/ 46 KB
46 KB 53ms
20ms Image
image/jpeg 2606:4700:3031::6815:403e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalblaze.com/wp-content/uploads/2021/07/battle.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:403e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55ba4b82d926f451eb2715376235c69d9ccc08f9d66569d88cc2c1010213744

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 63237
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 46695
last-modified: Fri, 02 Jul 2021 18:49:55 GMT
server: cloudflare
etag: "60df5fd3-b667"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zqcKztF44tFoNErGGdSIeRGaoyA%2FMhNZ8nGRU1oJwcMrDKrxSgZSrWQRhwiGRgKiqBjKIY2fxK76LGvl%2F%2F6s%2Fojp7ba8sBskHESNmmDePUie%2BkUm0sokPbjU4v8xLQajJirHLVPqC76dzKbebPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 66904df4f9202b65-FRA

GET
H3-29 200 VirusDD.jpg
img.beforeitsnews.com/contributor/upload/461640/images/ 52 KB
53 KB 56ms
54ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/461640/images/VirusDD.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1460fe0ec3c526cbb6455ba6bf22483d93ba0eb173276a87b863bf19bcd468f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 413056
cf-polished: origSize=57049, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 53665
last-modified: Sat, 13 Mar 2021 11:10:10 GMT
server: cloudflare
etag: "604c9d92-ded9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 28 Jun 2022 18:17:31 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f87e4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK Eye-of-Horus-Correlation-with-Human-Limbic-System-foto-Pinterst.gif
robscholtemuseum.nl/wp-content/uploads/2021/07/ 4 MB
4 MB 105ms
35ms Image
image/gif 178.21.113.136
COMPUKOS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://robscholtemuseum.nl/wp-content/uploads/2021/07/Eye-of-Horus-Correlation-with-Human-Limbic-System-foto-Pinterst.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.21.113.136 , Netherlands, ASN29028 (COMPUKOS-AS, NL),

Reverse DNS

Software

y-wh mod_fcgid/2.3.9 PHP/5.4.16 /

Resource Hash

d08282ee93376e2e203bb5413b47b18b9e726cd44d333ef8e733475394961a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jul 2021 13:01:47 GMT
Last-Modified: Fri, 02 Jul 2021 22:35:48 GMT
Server: y-wh mod_fcgid/2.3.9 PHP/5.4.16
ETag: "3868c4-5c62b93bdad31"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3696836

GET
H2 200 2c005e8e-3b9f-4d25-92f0-a65ce509d429
photos.brighteon.com/thumbnail/ 20 KB
20 KB 10ms
8ms Image
image/jpeg 2600:9000:2156:3200:1:93c2:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.brighteon.com/thumbnail/2c005e8e-3b9f-4d25-92f0-a65ce509d429
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3200:1:93c2:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 755e42d3eae92980ac7b88519e5e583e530de62d630c5c7c99a2f49545e9210a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 21:45:08 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jul 2021 20:07:07 GMT
server: AmazonS3
age: 141400
etag: "c5db098b2220d6b313599f7ffaebe815"
x-cache: Hit from cloudfront
x-amz-meta-optimized: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 20409
x-amz-cf-id: gSZOeJRO21FW2gKB6Ficf1-Golulsa8tnbha-zjg2kh4fjPt-wVVpg==

GET
H2 200 goldenagekuthumi.png
i0.wp.com/www.indianinthemachine.com/wp-content/uploads/2021/06/ 28 KB
28 KB 107ms
30ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.indianinthemachine.com/wp-content/uploads/2021/06/goldenagekuthumi.png?fit=300%2C155&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d47f691f68156ed07c3439962c26552341b72622d128f68bda1d74b43d15cab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Sat, 03 Jul 2021 13:01:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Jun 2021 14:47:16 GMT
server: nginx
etag: "95a589269208fbf8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.indianinthemachine.com/wp-content/uploads/2021/06/goldenagekuthumi.png>; rel="canonical"
content-length: 28818
expires: Thu, 29 Jun 2023 02:47:16 GMT

GET
H2 200 5f8ue7.jpg
i.imgflip.com/ 73 KB
73 KB 87ms
86ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5f8ue7.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2db1220f9403abf20d0240cef9438e7ba193316d02cda9400b25634662bb6e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
age: 85230
cf-polished: origSize=74946
cf-ray: 66904df52fa8d891-CPH
content-length: 74540
x-amz-id-2: f+ab0dtBSS+PC/05IvX95pqpP58lRT81igqIhrvF+vvJVvXDQ/HiMcGVTDdvROZcwMqDb1fgdc4=
last-modified: Fri, 02 Jul 2021 13:14:12 GMT
server: cloudflare
etag: "c3ca6e38d445b520f9d9e26c143a3b38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: K9BBDAH67PTFBRSW
access-control-allow-origin: *
expires: Tue, 01 Jul 2031 13:01:47 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3-29 200 maxresdefault.jpg
i.ytimg.com/vi/ayQQA-SiD3g/ 81 KB
81 KB 23ms
7ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ayQQA-SiD3g/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3fb5f3e37b4a2b47b7bd13e7f67c39cbe483b1a3be258db803a6848eb458cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:14:54 GMT
x-content-type-options: nosniff
server: sffe
age: 2813
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83190
x-xss-protection: 0
expires: Sat, 03 Jul 2021 14:14:54 GMT

GET
H/1.1 200
OK Fall-of-the-Cabal-The-Sequel-17-Part-Series-foto-The-Real-Truth-Network.png
robscholtemuseum.nl/wp-content/uploads/2021/01/ 687 KB
688 KB 104ms
35ms Image
image/png 178.21.113.136
COMPUKOS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://robscholtemuseum.nl/wp-content/uploads/2021/01/Fall-of-the-Cabal-The-Sequel-17-Part-Series-foto-The-Real-Truth-Network.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.21.113.136 , Netherlands, ASN29028 (COMPUKOS-AS, NL),

Reverse DNS

Software

y-wh mod_fcgid/2.3.9 PHP/5.4.16 /

Resource Hash

c39a9f411b782816b572233a27909241466731ad90f6c758b64aa0040d22c6c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jul 2021 13:01:47 GMT
Last-Modified: Sat, 16 Jan 2021 13:11:24 GMT
Server: y-wh mod_fcgid/2.3.9 PHP/5.4.16
ETag: "abdb1-5b90439d4b5df"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 703921

GET
H2 200 303k2vKwNzzU_640x360.jpg
static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/ 27 KB
27 KB 36ms
34ms Image
image/jpeg 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/303k2vKwNzzU_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-713.bunnyinfra.net

Software

BunnyCDN-DE1-713 /

Resource Hash

4d95ee941b3c472f8ce6db98a735f3ac25713ba70a7a38dfc95fcb3695ecb986

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cdn-edgestorageid: 722
x-amz-request-id: tx0000000000000067d28b4-0060df31e0-5209854-nyc3a
cdn-cachedat: 2021-07-02 17:33:52
cdn-pullzone: 89010
content-length: 27548
last-modified: Fri, 02 Jul 2021 15:33:44 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: abade93ca1dfc242bf86f98c35fab1e6
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H3-29 200 photo_2021-06-28_08-46-05.jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 43 KB
44 KB 60ms
59ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/photo_2021-06-28_08-46-05.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

161d3318c8711699f208283a602f9aea6bb998fd04279472f4e9cd476ebc60f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 213397
cf-polished: origSize=75574, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 44142
last-modified: Thu, 01 Jul 2021 01:24:02 GMT
server: cloudflare
etag: "60dd1932-12736"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Jul 2022 01:45:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df3f87f4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 0-34.png
amg-news.com/wp-content/uploads/2021/06/ 704 KB
705 KB 261ms
111ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/06/0-34.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c47d777d0855206ec9ad649bbb93589c7ac84e367ff05b86bfb2b036b99666f8

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
last-modified: Sat, 26 Jun 2021 18:38:54 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 721201
expires: Sat, 10 Jul 2021 13:01:47 GMT

GET
H2 200 5esj9p.jpg
i.imgflip.com/ 66 KB
67 KB 100ms
97ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5esj9p.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5606fd1ee298a881907f63db9306e3292178cddc82eae68dd2dd0dc0a5c9bb0d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
age: 426333
cf-polished: origSize=68505
cf-ray: 66904df54fd1d891-CPH
content-length: 67999
x-amz-id-2: UG2+J9+K/jRJ0w9Hno6tLZu/DUrSRplYey+m5dkPdOEYgZ8dS91s1AAWNeb3aLe4u5d4eLjjqbE=
last-modified: Mon, 28 Jun 2021 14:24:53 GMT
server: cloudflare
etag: "7d6168b8f90e5e0bd77b7a7c41903f93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: QVZ1J64BTFKXDY0K
access-control-allow-origin: *
expires: Tue, 01 Jul 2031 13:01:47 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3-29 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
16 KB 42ms
41ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/culturebg.jpg
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1820797
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 12 Jun 2022 11:15:10 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904df418d14e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame AE5A 282 KB
70 KB 103ms
50ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20216313
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4e1f98f4ee0b5215b1d04ae204ea322a719453e2ac5cfbd42c68ae6d9e8eb78

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 4237
cf-polished: origSize=288281
last-modified: Thu, 24 Jun 2021 10:10:47 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: HMYEYJRHE92J2G98
x-amz-id-2: vkl37A02b4gcSQb2kPK945WW+oy7lvP9yQM+BBmdKQMG/RSh1tCp3JWFj32WzWUYYzlu3xWRb/M=
cf-bgj: minify
server: cloudflare
etag: W/"01b6280a97c736689b41909b4731a6f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 66904df5bcd7d8a9-CPH
expires: Sat, 03 Jul 2021 16:01:47 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 11CA 281 KB
70 KB 146ms
98ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20216313
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20a6b71288b80acf47c79d82ac3ea6d2a724985e1569325978efef53c379547a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 4237
cf-polished: origSize=287742
last-modified: Thu, 24 Jun 2021 10:07:04 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: VJBSHP4V5BAP67VF
x-amz-id-2: 5cDO9zVvAqfGTEBKm6NJ1Yv/CClzTQokOVWaejkn1B2dLW42s6BYFXzFdORtdjT+NE7vstTlPso=
cf-bgj: minify
server: cloudflare
etag: W/"79f68f5bfa5d966a44c73774a29d1560"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 66904df5bcd8d8a9-CPH
expires: Sat, 03 Jul 2021 16:01:47 GMT

GET
H3-29 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 35ms
33ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner/BIN_Join_Telegram_bg-min.jpg
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 893621
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 23 Jun 2022 04:48:06 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904df428f44e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e035cc0d466ad57791319e528e7172ef1c27b055dd39e3981ad19bea7531085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48746
x-xss-protection: 0
server: cafe
etag: 3007245554692486900
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 03 Jul 2021 13:01:47 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
594 B 58ms
30ms Script
application/javascript 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26449
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0TdoXoZ47Eol%2BTrLJULDMt32B1FT4QQJy4b3G7wgD2%2BcvW2gv3Wb7oTbbR0HV6yt52EveQTA5yp9aDJwAdCHmEmwqUqaS8EvGKeZXdudaJvZgN1ULvC06UaUTR2zs3ZTnmVW2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 66904df5ac025364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9

GET
H2 200 adcode.png
rddywd.com/ 43 B
646 B 68ms
41ms Image
image/gif 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 26162
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7yw87odyNM5kn893CfLRo2g63dLi39LQpIrwbQqbM0wq1kEJk8njsYYm05A%2ByiQDkF1knDlTel8%2F1%2BxXy3q7tG2c9EYcJBroiFYrUazMLtWiFD%2FWqidkN6BNidM1DUF491JPRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 66904df5aa82177e-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 7ms
5ms Image
text/plain 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 31ms
26ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/v3/logo-bottom.jpg
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 71863
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 17:04:04 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904df469794e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 15 B
595 B 648ms
617ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9e22f72e6c1ec89f91e157629c197555fbd4060c7f303f8da9a55de093da3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 66904df4fbc72b1a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15

GET
H3-29 200 Screen%20Shot%202021-07-01%20at%203_15_29%20AM.jpg
img.beforeitsnews.com/contributor/upload/744687/images/ 32 KB
32 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/744687/images/Screen%20Shot%202021-07-01%20at%203_15_29%20AM.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a42a17f4a59659c1e8a52ad3caf966b00bc0f37f7cec85951a9abf792bbe822b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 209726
cf-polished: origSize=37782, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 32266
last-modified: Thu, 01 Jul 2021 01:45:18 GMT
server: cloudflare
etag: "60dd1e2e-9396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Jul 2022 02:46:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66904df4daa64e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4785
date: Sat, 03 Jul 2021 11:42:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sat, 03 Jul 2021 13:42:02 GMT

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 81AE 19 KB
7 KB 127ms
40ms Document
text/html 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-63.fra2.r.cloudfront.net

Software

tv /

Resource Hash

661693d8400dd56429b5f0b12f46df537d4010b6bbc36ccb00a77920ed99acb4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://www.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-MSYlztKjOZzimLpr'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Sat, 03 Jul 2021 13:00:44 GMT
expires: Sat, 03 Jul 2021 13:02:44 GMT
cache-control: max-age=120
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://www.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-MSYlztKjOZzimLpr'; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5ZYzWO2tObUAREmDDRFLp8w7jmm_wlQJ_c3zXtv-iNdd5A4isWW24g==
age: 63

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/ Frame 3E34 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210630/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 03 Jul 2021 04:01:27 GMT
expires: Sat, 17 Jul 2021 04:01:27 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 32420
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=484595182&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1591401777&gjid=185434770&cid=1051320217.1625317308&tid=UA-16055024-1&_gid=1421143118.1625317308&_r=1&gtm=2ou6u0&z=1035241302

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
304 B 116ms
115ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1625317307941465971545&uniqId=01085&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=17a6c75f626a2d57e49&site=310742&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20216313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904df6befed8a9-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 37ms
29ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 5697
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 66904df6cf12d8a9-CPH
expires: Sun, 04 Jul 2021 13:01:47 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
790 B 38ms
30ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 6256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 1D76EA8A206ECCA7
x-amz-id-2: lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 66904df6cf13d8a9-CPH
expires: Sun, 04 Jul 2021 13:01:47 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 en.92c9bc654d75cc0b.js Show response
s.tradingview.com/static/localization/translations/ Frame 81AE 354 KB
57 KB 41ms
41ms Script
application/javascript 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.92c9bc654d75cc0b.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-63.fra2.r.cloudfront.net

Software

tv /

Resource Hash

7248e32ebd92d2ac3ab5ee0c0f7c7a35cea713bdd2577bba1de4b7562ee5f483

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 10:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181122
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 01 Jul 2021 09:45:20 GMT
server: tv
etag: W/"60dd8eb0-df9b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: jG2N2nEfmRi93gSwbQiN9o2wo1v3z6ozsNlVvDJCR_Wvrm07kPdUYA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.d79c6735587b632092dc.js Show response
s.tradingview.com/static/bundles/embed/ Frame 81AE 57 KB
21 KB 73ms
73ms Script
application/javascript 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.d79c6735587b632092dc.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-63.fra2.r.cloudfront.net

Software

tv /

Resource Hash

462084d4cb614c5f8ba6252ccc8cd15bba6597ffd0c08884efea070609f16d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 10:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94962
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 02 Jul 2021 09:29:48 GMT
server: tv
etag: W/"60dedc8c-510b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: snTpqUdPqPqpAieYlUKDBxmpglv4Qm6Vg2xuH5ma5VJstrTNVW9_NA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.0d44e6689112817e5df8.js Show response
s.tradingview.com/static/bundles/embed/ Frame 81AE 143 KB
48 KB 35ms
35ms Script
application/javascript 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.0d44e6689112817e5df8.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-63.fra2.r.cloudfront.net

Software

tv /

Resource Hash

e3d0e4c728275251f196c7801c4ba526a9b656a1058cb0d2fd9a25cbc230fd59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 10:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3378163
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 25 May 2021 09:32:27 GMT
server: tv
etag: W/"60acc42b-bb12"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kIKjcfhqmzVGnyF3pcFzz18_rfpiOKUFoY1DldBBpglwTccTJBqdvg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.0059b4ead69a7c468bcb.js Show response
s.tradingview.com/static/bundles/embed/ Frame 81AE 282 KB
82 KB 47ms
47ms Script
application/javascript 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.0059b4ead69a7c468bcb.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-63.fra2.r.cloudfront.net

Software

tv /

Resource Hash

b27ceef62a088fbda0bdff5801caad50d524ff9dde0aa86cba7595fa2612a498

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 10:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94963
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 02 Jul 2021 09:29:48 GMT
server: tv
etag: W/"60dedc8c-1469d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: sKtZEf4nXjgwdSFCU77AtgiulZo3mZNCJ94qCSGpefjUHwRxDHA-Kg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.4a5608c13b19f8a2f483.css
s.tradingview.com/static/bundles/embed/ Frame 81AE 1 KB
1 KB 74ms
74ms Stylesheet
text/css 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.4a5608c13b19f8a2f483.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-63.fra2.r.cloudfront.net

Software

tv /

Resource Hash

9a7af7a659f73a8bfa37060244274f6015846391ddec69dbbf3d96ece87c2701

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 10:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3723642
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 21 May 2021 09:29:22 GMT
server: tv
etag: W/"60a77d72-2bb"
vary: Accept-Encoding
content-type: text/css
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5AUc0hNAWgw3B9hQA0BagQkZAfFGHBLcuJa_wGUZZaLDfxXUIOFqEA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.e8ef1be849a0d99f1e65.css
s.tradingview.com/static/bundles/embed/ Frame 81AE 26 KB
4 KB 75ms
74ms Stylesheet
text/css 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.e8ef1be849a0d99f1e65.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-63.fra2.r.cloudfront.net

Software

tv /

Resource Hash

bc3152c5f60cf0d6f4ed6fc09167f13ad6ccb8e337a44ad91af65bbb7f64a5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 10:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1303901
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 18 Jun 2021 09:35:44 GMT
server: tv
etag: W/"60cc68f0-f5c"
vary: Accept-Encoding
content-type: text/css
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Qf0Xjkqui0GsL4emgB0PI-U1C-u5wHU4RRKqDnbtdPi0Hj9voRoyeQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 23:33:58 GMT
x-content-type-options: nosniff
age: 307669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 23:33:58 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-16055024-1&cid=1051320217.1625317308&jid=1591401777&gjid=185434770&_gid=1421143118.1625317308&_u=YEBAAUAAAAAAAC~&z=979864287

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 03 Jul 2021 13:01:47 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-16055024-1&cid=1051320217.1625317308&jid=1591401777&_u=YEBAAUAAAAAAAC~&z=1553295579

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-16055024-1&cid=1051320217.1625317308&jid=1591401777&_u=YEBAAUAAAAAAAC~&z=1553295579

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
893 B 69ms
67ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?pv=5&cbuster=1625317308048986788645&uniqId=01085&niet=4g&nisd=false&w=370&h=330&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=17a6c75f626a2d57e49&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20216313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9fe7d669d32cef4d08129bacaaa51efd489d208ba1f43ec4d418c710db26e1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904df76fe6d8a9-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 66ms
66ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1090&cols=1&pv=5&cbuster=1625317308075195604703&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=17a6c75f626a2d57e49&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20216313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d507bd2a2875d72f483942f030c049be9fe240184204be637a43ff3e95d81f3e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904df7984fd8a9-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 81AE 91 KB
36 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.0059b4ead69a7c468bcb.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17313826b40e8116fd2b4af97e56037e0edc59d246de536e4c3175a461cdc02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36983
x-xss-protection: 0
last-modified: Sat, 03 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jul 2021 13:01:48 GMT

GET
H2 200 295.9438689efe80e95b1a74.css
s.tradingview.com/static/bundles/embed/ Frame 81AE 635 B
774 B 39ms
38ms Stylesheet
text/css 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/295.9438689efe80e95b1a74.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.d79c6735587b632092dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-63.fra2.r.cloudfront.net

Software

tv /

Resource Hash

445ac3a3c5d701d4d3fe7724b549b890661785440582f0a7b9fbd352d37588ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 10:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 873162
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 23 Jun 2021 09:23:06 GMT
server: tv
etag: W/"60d2fd7a-114"
vary: Accept-Encoding
content-type: text/css
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2G_yqvz5BBkNbGjx4tN-1t8CE4RvWo2XhG4C8e7w9TMan6dTiR-e5Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.16934b6f2d1c14845ea8.js Show response
s.tradingview.com/static/bundles/embed/ Frame 81AE 4 KB
2 KB 36ms
36ms Script
application/javascript 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.16934b6f2d1c14845ea8.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.d79c6735587b632092dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-63.fra2.r.cloudfront.net

Software

tv /

Resource Hash

c813f644cb77fb7c7fbecf541b0f349a5b8b9327c500972398da0e454114cba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1909242
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 11 Jun 2021 09:25:00 GMT
server: tv
etag: W/"60c32bec-692"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: rOjAKUDlRS6gc21CB970KoIposB31DU5s2gdtYnsnP1ol0S8HvjszA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
834 B 82ms
74ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1625317308229555701126
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20216313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be8574f1c4004a86af0f62f3fa9a79b5468617e3e42b26da3a629a3856a13a50

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 14dd28f6-8fc3-4f02-a0d5-3fcc0f52bc8d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904df88987d8a9-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame C5FE 19 B
177 B 86ms
82ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1625317308233718854522
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20216313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: b9b24354-4523-4b37-8c7a-9b2ec84402f2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904df88986d8a9-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 105ms
36ms Script
application/javascript 13.224.193.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20216313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:55:51 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: ocBnsNe2HntFlBlfPfud6HxW0sNC9IjwTm5z0NLlc72RgcT8pQ2bqg==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/492x328/0x0x492x328/ 12 KB
12 KB 31ms
30ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164883/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1625317308-LvRSn9DDwG21ZaKweWt0ljf6r3nxwOiw8YhD_0WH55g
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c3f71afbeeed7e2dd4c4f436a8f1b75b8cc09a9849ef2f842016500d0f4788

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:18 GMT
x-mg-request-uuid: 09ac519a-808f-4ed1-83c2-0a51d3f52b68
age: 1415377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df88982d8a9-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12392
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/492x328/0x0x492x328/ Frame AE5A 12 KB
12 KB 30ms
29ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164883/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1625317308-LvRSn9DDwG21ZaKweWt0ljf6r3nxwOiw8YhD_0WH55g
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c3f71afbeeed7e2dd4c4f436a8f1b75b8cc09a9849ef2f842016500d0f4788

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:18 GMT
x-mg-request-uuid: 09ac519a-808f-4ed1-83c2-0a51d3f52b68
age: 1415377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df88984d8a9-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12392
server: cloudflare

GET
H3-29 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmM...
s-img.mgid.com/g/8164852/492x277/-/ 20 KB
20 KB 117ms
92ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164852/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmMzU0N2QwODgzZjFjMmJiZDguanBn.webp?v=1625317308-jVSxhboOZlQcmweEJ3b7Mne_zRZey81qBaktXgGpn9g
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de9c497969d31eee2b8be2e28ceadf5e64248f95c5e4589eda73b2c1e12718bc

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:23 GMT
x-mg-request-uuid: b7fff1af-e1fe-43fa-8483-598a08463658
age: 6163225
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df8ef4210ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20250
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x667/ 17 KB
17 KB 97ms
73ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1625317308-EWdQO9dExBjtpMtFRZ55TfQNkulsC-hrFL8FMnlC2Js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:22 GMT
x-mg-request-uuid: 12c19d05-5318-4e6a-91c6-b9176052c149
age: 6163382
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df8ef4010ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17234
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x277/0x0x1081x720/ 11 KB
11 KB 68ms
44ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1625317308-KsuYHJmHZngGkX0eONIwqf9KXSr5J5kh-aGD6E3pH0c
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b157d25b2620c6a59a6ed469adcc741ce36e24b7a134a466ab95bfece785c7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:26 GMT
x-mg-request-uuid: 2cc41e5f-7148-4c9e-b3b6-a6b81ac70d71
age: 6163593
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df8ef3c10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10786
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp
s-img.mgid.com/g/8164860/492x277/0x0x831x554/ 7 KB
8 KB 75ms
51ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164860/492x277/0x0x831x554/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp?v=1625317308-OaMXYmc14F3dfVsJRSDQy7K394PallTohBKnTlD3IaQ
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9341c2dffef060dc610a5a546f7addbe85a3005a62c8d5f076aafee880d48042

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:37 GMT
x-mg-request-uuid: 17633610-f707-415e-a4fc-f66800b83de0
age: 6163684
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df8ef3a10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7544
server: cloudflare

GET
H3-29 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmM...
s-img.mgid.com/g/8164852/492x277/-/ Frame 11CA 20 KB
20 KB 75ms
51ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164852/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmMzU0N2QwODgzZjFjMmJiZDguanBn.webp?v=1625317308-jVSxhboOZlQcmweEJ3b7Mne_zRZey81qBaktXgGpn9g
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de9c497969d31eee2b8be2e28ceadf5e64248f95c5e4589eda73b2c1e12718bc

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:23 GMT
x-mg-request-uuid: b7fff1af-e1fe-43fa-8483-598a08463658
age: 6163225
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df8ef3e10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20250
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x667/ Frame 11CA 17 KB
17 KB 95ms
72ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1625317308-EWdQO9dExBjtpMtFRZ55TfQNkulsC-hrFL8FMnlC2Js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:22 GMT
x-mg-request-uuid: 12c19d05-5318-4e6a-91c6-b9176052c149
age: 6163382
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df8ef3d10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17234
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x277/0x0x1081x720/ Frame 11CA 11 KB
11 KB 51ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1625317308-KsuYHJmHZngGkX0eONIwqf9KXSr5J5kh-aGD6E3pH0c
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b157d25b2620c6a59a6ed469adcc741ce36e24b7a134a466ab95bfece785c7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:26 GMT
x-mg-request-uuid: 2cc41e5f-7148-4c9e-b3b6-a6b81ac70d71
age: 6163593
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df8ef3b10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10786
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp
s-img.mgid.com/g/8164860/492x277/0x0x831x554/ Frame 11CA 7 KB
8 KB 115ms
91ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164860/492x277/0x0x831x554/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp?v=1625317308-OaMXYmc14F3dfVsJRSDQy7K394PallTohBKnTlD3IaQ
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9341c2dffef060dc610a5a546f7addbe85a3005a62c8d5f076aafee880d48042

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:37 GMT
x-mg-request-uuid: 17633610-f707-415e-a4fc-f66800b83de0
age: 6163684
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66904df8ef4110ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7544
server: cloudflare

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 81AE 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4786
date: Sat, 03 Jul 2021 11:42:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sat, 03 Jul 2021 13:42:02 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3E81
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

101ms
34ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1625317308229555701126
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jul 2021 13:01:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sat, 03 Jul 2021 13:01:48 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
413 B 112ms
61ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l63MKi9QSC16
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 66904df96ccc1d02-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l63MKi9QSC16
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l63MKi9QSC16
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=9f9f9385-f410-426a-b2b1-c3357fde3f2b&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

68 B
263 B

114ms
39ms

Image
image/png

18.158.174.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=9f9f9385-f410-426a-b2b1-c3357fde3f2b&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.174.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=9f9f9385-f410-426a-b2b1-c3357fde3f2b&seat_user_id=&seat_key= &gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date: Sat, 03 Jul 2021 13:01:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=9f9f9385-f410-426a-b2b1-c3357fde3f2b
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=9f9f9385-f410-426a-b2b1-c3357fde3f2b
https://cm.mgid.com/m?cdsp=433145&c=9f9f9385-f410-426a-b2b1-c3357fde3f2b&gdpr=&gdpr_consent=&us_privacy=

43 B
522 B

56ms
56ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=9f9f9385-f410-426a-b2b1-c3357fde3f2b&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 0c4f6cb7-28b3-440c-b4ed-a16a8f3b3744
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904dfb3a7910ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=9f9f9385-f410-426a-b2b1-c3357fde3f2b&gdpr=&gdpr_consent=&us_privacy=
date: Sat, 03 Jul 2021 13:01:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=7f0921be-62c4-4399-97c6-7d6e4cf81dad&ttl=1627909308

43 B
505 B

61ms
61ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=7f0921be-62c4-4399-97c6-7d6e4cf81dad&ttl=1627909308
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 37bbb422-c8cb-4c1c-8910-11405600cc9a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904dfa593f10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=7f0921be-62c4-4399-97c6-7d6e4cf81dad&ttl=1627909308
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
496 B 116ms
66ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l63MKi9QSC16
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 66904df96cbdd891-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDYzTUtpOVFTQzE2&muidn=l63MKi9QSC16
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDYzTUtpOVFTQzE2&muidn=l63MKi9QSC16&google_tc=
https://cm.mgid.com/google?muidn=l63MKi9QSC16&google_ula={guid},5&google_gid=CAESEIru8SWzwPqskc5jZHsLxDE&google_cver=1

0
369 B

63ms
59ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l63MKi9QSC16&google_ula={guid},5&google_gid=CAESEIru8SWzwPqskc5jZHsLxDE&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904dfab9c410ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l63MKi9QSC16&google_ula={guid},5&google_gid=CAESEIru8SWzwPqskc5jZHsLxDE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=RwcrUN5pUNfwWJekuCAN&pi=mgid&tc=1

43 B
506 B

56ms
56ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=RwcrUN5pUNfwWJekuCAN&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b80213a8-6834-47b7-80ff-359dea04db40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904dfa08d010ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=RwcrUN5pUNfwWJekuCAN&pi=mgid&tc=1
pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT, Sat, 03 Jul 2021 13:01:48 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1625317308342&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625317308342&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

64 B
329 B

38ms
38ms

Image
image/gif

13.224.193.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625317308342&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-109.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: vv7Wne-Rk41rZRNpmy-HEWmUp2gzZQBChKVjh-PgZbK-3NcetWUf8g==

Redirect headers

date: Sat, 03 Jul 2021 13:01:48 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625317308342&ns_c=UTF-8&cv=3.5&c8=Before%20It's%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
content-length: 217
x-amz-cf-id: 3XxZsJpMTnUamjotYBWnjyNJDa0ZTdsdpbPFYp1PBpcKg3kPXBR3Jg==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1625317308343&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625317308343&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=

64 B
330 B

40ms
39ms

Image
image/gif

13.224.193.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625317308343&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-109.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 7uAxDxGZA9exb9yezFwCA22XmMU-UjNTpbRYvlADTGC-sDXZ4vM0dg==

Redirect headers

date: Sat, 03 Jul 2021 13:01:48 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625317308343&ns_c=UTF-8&cv=3.5&c8=Before%20It's%20News%20%7C%20People%20Powered%20News&c7=https%3A%2F%2Fbeforeitsnews.com%2F&c9=
content-length: 217
x-amz-cf-id: tsihizdH4XHLGHNJsfuqz0PBgh1M1NdRqPASJt1M3_BIcIzLY-1zRw==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 81AE 3 KB
787 B 33ms
9ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:24:07 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:34:51 GMT
server: AmazonS3
age: 1967861
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: 55aH8hUVIKESXcWn-zCu1Kais0Nm65MN0igZvyM5UPQ9XLUMbwXfUA==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 81AE 523 B
904 B 34ms
10ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 19:06:57 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:48:30 GMT
server: AmazonS3
age: 1446892
etag: "4542d4ecd73f04c73affa787a4522596"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: nSZTKnf2MfuiEOwg0EqF5_WBtVnihhXDIJ4q1jjHw84o-IuwyXzpsA==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 81AE 801 B
1 KB 34ms
10ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:37:28 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:43:32 GMT
server: AmazonS3
age: 2579061
etag: "107060b925841745f310697bd9f1f83d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: LKtA8Dj1ltknopwaL2BHM8GBs_OibST4t1_prdhVu21ezDFF2tUNiA==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 81AE 870 B
1 KB 30ms
7ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:40:55 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:35:23 GMT
server: AmazonS3
age: 2071254
etag: "e9173ef4613c3da43c45885ea39c4b96"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: 13sB-URHPxZglFyD0MaM1Jjv1niWt6cQ4VzpCH0w2l56ezn_45-BEQ==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 1 KB
1020 B 36ms
13ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 09:50:59 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:34:28 GMT
server: AmazonS3
age: 2430650
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: BJrIGv6HFAt0rijYSbZ__lwhqBnCfYAw886FFeY0v63O8Tru_WulAg==

GET
H2 200 facebook.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 225 B
605 B 31ms
8ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/facebook.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f785ad56ccd948b3be8bc3fc810e51ccd0cbb9f4da47100300b25797e9ffb8ad

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 13:46:48 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:44:38 GMT
server: AmazonS3
age: 2502901
etag: "0c6d458a2d9ece244f3676100a74b59f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 0c6d458a2d9ece244f3676100a74b59f
content-length: 225
x-amz-cf-id: 42FL36n2I891qPv2NRloj9khmzOZPwZMaroXd8uE1ujOgumKnpZR6w==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 522 B
910 B 12ms
7ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 19:19:38 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:41:36 GMT
server: AmazonS3
age: 1186931
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: LYIoOgoGt-W43pht75uNPsq2-bfLrGoQxzlN6avQIfoUvs8FtJvsYA==

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 1 KB
1 KB 13ms
9ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 12:37:35 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 07:43:26 GMT
server: AmazonS3
age: 2161454
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: D-anegTeOWBbuFQX9gkmUYa6AF0JTe4mnLfT1DGMdTMmwDW77VtdoQ==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 508 B
898 B 16ms
11ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Jun 2021 15:00:56 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:26:48 GMT
server: AmazonS3
age: 597653
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: 1xIIPw9af-5otvj945P3dHRB1NfFbpdiuFDqRZz7m_weYE7oK7xZ7A==

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 182 B
564 B 16ms
12ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Jun 2021 23:51:46 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:46:12 GMT
server: AmazonS3
age: 565802
etag: "a4fcbd383e2f657b6528f4aa95844de5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: hJpaHx7GBfgRLs69sVGhQwBI5yXVTZ-Wr9C4MF5RPFCmuJEz070o1w==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 1 KB
1 KB 20ms
16ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 18:24:30 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 07:36:30 GMT
server: AmazonS3
age: 2313439
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: 02691htHUhyLZutaRVrSBzB3GOShCgSD4RSWPkO5kkmkOwYMz4Tezg==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 1 KB
1 KB 13ms
9ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 01:45:59 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:15:48 GMT
server: AmazonS3
age: 1854950
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: BvivWQx77FsiEWrvjcQkle2gHfToL2_vxqXp0pq9-Jx-5lOKsOAG6g==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 304 B
692 B 20ms
16ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 10:24:27 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 08:19:18 GMT
server: AmazonS3
age: 2169441
etag: "074d127e2f9fd8c2e79c01a5f002979c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: QwuzB4dJXgu3l2aTwVx-ul1LpnHVs6R-orbexSWTvN0Cc-fbBqz_3w==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 1 KB
1 KB 21ms
16ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 00:18:22 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:28:29 GMT
server: AmazonS3
age: 1860207
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: F3RSm_uI33T-8njIUYIYyMEsJ9d-zOOqYRMirz6uPzmMC1Su-uhr6g==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 1 KB
1 KB 21ms
16ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 14:16:46 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 07:42:45 GMT
server: AmazonS3
age: 2587503
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: Ngz_s6WSgi2QnuAh6iKqsl_c8k9bVskvh8V30P29OqNmN4UhPggUEA==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 761 B
1 KB 16ms
12ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 19:11:43 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:35:48 GMT
server: AmazonS3
age: 2310606
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: PGbHPB6myvKdXqKOuMq8h9x-yuFzrhEdFyi0S-2zxEbR7G0WEGiGIQ==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 1 KB
1 KB 15ms
10ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 19:33:32 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:09:37 GMT
server: AmazonS3
age: 2568497
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: jFrn94zNyq_JpindrI7wY1Ie6P-4ZiNqFSGyhFzIolmaOyKtjB6VbA==

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 1 KB
1 KB 30ms
26ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 10:24:28 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:27:26 GMT
server: AmazonS3
age: 2169441
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: PrfwHVyf7bgqn1w4yBdjQmh_s4TkYvVUxkfRMilazgvH-kCMyIRyoA==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame 81AE 635 B
1 KB 24ms
19ms Image
image/svg+xml 2600:9000:20eb:e400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:02:25 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 07:27:48 GMT
server: AmazonS3
age: 1684764
etag: "4c66a5172a9c77ab75e140f5079218ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: VTGrkncDwpiK3WZD7u66BsWhnepq5SsEmp2hCO89huE94FRk2WzSng==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3E81 31 KB
9 KB 38ms
37ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b2a85c91c46dcb480f5253cbf0cfc61a63eb1a296b065deb2f7e8e52f8e99694

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jul 2021 13:01:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33993
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Sat, 03 Jul 2021 22:28:21 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3E81 284 B
536 B 140ms
36ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H3-29 200 jsDynamic-bin-rev-20210610.js Show response
beforeitsnews.com/static/js-v3/ 5 KB
2 KB 24ms
23ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210610.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20210610.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91c1c0d7be5abcb80202ba824099d4819dc29f6e35aacc7346cd6e0068bb4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/jsDynamic-bin-rev-20210610.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992161
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:35:56 GMT
server: cloudflare
etag: W/"60c1f91c-1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904dfbfb354e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:07 GMT

GET
H3-29 200 responsive-bin-rev-20210610.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20210610.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20210610.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/responsive-bin-rev-20210610.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992161
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:35:57 GMT
server: cloudflare
etag: W/"60c1f91d-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904dfbfb374e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:07 GMT

GET
H3-29 200 validate-bin-rev-20210610.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 28ms
27ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20210610.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20210610.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/validate-bin-rev-20210610.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992161
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:35:58 GMT
server: cloudflare
etag: W/"60c1f91e-19fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904dfbfb384e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:07 GMT

GET
H3-29 200 loadmore-bin-rev-20210610.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20210610.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20210610.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/loadmore-bin-rev-20210610.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992161
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:35:57 GMT
server: cloudflare
etag: W/"60c1f91d-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904dfbfb394e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:07 GMT

GET
H3-29 200 lazy-loading-bin-rev-20210610.js Show response
beforeitsnews.com/static/js-v3/ 124 B
688 B 21ms
20ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-20210610.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20210610.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/js-v3/lazy-loading-bin-rev-20210610.js
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1992161
cf-polished: origSize=173
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 11:35:56 GMT
server: cloudflare
etag: W/"60c1f91c-ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 66904dfbfb3a4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 17 Jun 2021 11:39:07 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 10 KB
4 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20210610.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0530fb6d18011e8cf727739c32d28d3dfa5b5bedb9ec39e9cd4a358e734d86d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3851
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 26ms
6ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:45:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 03 Jul 2021 13:45:10 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 6 KB
2 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2154
x-xss-protection: 0
last-modified: Mon, 24 May 2021 18:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 03 Jul 2021 13:27:29 GMT

GET
H2 200 showing.php Show response
a2.beforeitsnews.com/dAjax/ 106 KB
10 KB 673ms
664ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.beforeitsnews.com/dAjax/showing.php?_=1625317308822

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bde5cb4fafe8ec2ff121118f8c40b54d19496f806d4a5592f1ea62bdfa378ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
cf-ray: 66904dfc3a882b1a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 111ms
37ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210610.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:05:57 GMT
server: nginx
etag: W/"14f4-17a603eab1c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 34ms
17ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210610.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f182ed807d450695ca1b7a46485055753f62953e537375f87ed760db40b5e944

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:48 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2267
etag: W/"9cc5b20efbbb51fc44f99beb97c68732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 66904dfc59bd4a56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 06 Jul 2021 13:01:48 GMT

GET
H3-29 200 element_main.js Show response
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 252 KB
90 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91906
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:56:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 13:16:12 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:06:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3312
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Sun, 03 Jul 2022 12:06:36 GMT

GET
H3-29 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 8EE9 18 KB
3 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:45:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 03 Jul 2021 13:45:10 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
913 B 6ms
6ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:45:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 988
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Sun, 03 Jul 2022 12:45:20 GMT

GET
H3-29 200 cleardot.gif
www.google.com/images/ 43 B
63 B 23ms
22ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 l Show response
translate.googleapis.com/translate_a/ Frame 3D6C 3 KB
962 B 19ms
19ms Script
application/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4CJJy8CF9dgvcm1SwL7Okw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-4CJJy8CF9dgvcm1SwL7Okw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
date: Sat, 03 Jul 2021 13:01:48 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 10864438442185062 Show response
lockerdome.com/lad/ Frame 6DF5 1 KB
2 KB 694ms
145ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Sat, 03 Jul 2021 13:01:49 GMT

GET
H/1.1 200
OK 10864440455450982 Show response
lockerdome.com/lad/ Frame 659E 1 KB
2 KB 707ms
152ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Sat, 03 Jul 2021 13:01:49 GMT

GET
H3-29 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 00:07:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 305636
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Thu, 30 Jun 2022 00:07:52 GMT

GET
H3-29 200 c
c.mgid.com/ Frame AE5A 43 B
434 B 139ms
138ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=366|284|8|jib9OCcGHZgyTEQBTY0WFtXyiaID-wjL6jcfhrXJ7yGZD1LCNhtvERZQ_JrPRFDE&fw=1&extjs=66044&cid=720412&h2=hF4OtNEHL2Ycn5eVo4d0pIX6hEDi4V7NefSx9mCDcHI*&rid=d3755ce0-dbfe-11eb-a784-d094662f8ab5&tt=Direct&iv=10&pageImp=1&pvid=17a6c75f626a2d57e49&cbuster=162531730936469757600&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:49 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: be047d39-911c-4f61-ac88-078b7053c591
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66904dff990610ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 video.php Show response
www.facebook.com/plugins/ Frame C9A4 500 KB
98 KB 314ms
302ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11790f2fe7b5f94bbfa99fc1715ed871f483cdcba36ec1ada9e85b653fd8bd48

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coep_report"
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: /FpM7sIJ3ebSLZ1uyOv1/UO5HYfY5hizGeU7gs/bJV+ZG2AuxRdjsP+QpFA4CRkMCx1W18gweDAFnhRsw30F+Q==
date: Sat, 03 Jul 2021 13:01:49 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 / Show response
rumble.com/embed/vgq7gz/ Frame DDEF 17 KB
7 KB 384ms
131ms Document
text/html 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vgq7gz/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

nginx /

Resource Hash

300e8ac7bae24b8989826c83639b6c4d9c660ebaf0f1d5c55dc27cfee6c53591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

:method: GET
:authority: rumble.com
:scheme: https
:path: /embed/vgq7gz/?pub=hw409
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

server: nginx
date: Sat, 03 Jul 2021 13:01:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/vjcdm9-can-we-say-coup-dtat-the-assaults-continue.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
H3-29 200 cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg
beforeitsnews.com/img/i2021/07/ 15 KB
16 KB 34ms
32ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/07/cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b997bcff91f40fdd88dfa17feadca80bc7029e99e6dcbe6d78f3a1e210a9432

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/i2021/07/cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 205192
cf-polished: origSize=16737, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15529
last-modified: Fri, 16 Aug 2019 22:57:14 GMT
server: cloudflare
etag: "5d5734ca-4161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Jul 2022 04:01:57 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904e00ad864e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 aa8d9bc9309c17e611bbff4109764b29718a8e56.jpeg
beforeitsnews.com/img/i2021/07/ 14 KB
15 KB 34ms
33ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/07/aa8d9bc9309c17e611bbff4109764b29718a8e56.jpeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc626fde73727b75ab726e9c58aa9fcd70be714638e101d7aa0bb819fce41209

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/i2021/07/aa8d9bc9309c17e611bbff4109764b29718a8e56.jpeg
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 205224
cf-polished: origSize=15420, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14371
last-modified: Wed, 06 Mar 2019 03:15:38 GMT
server: cloudflare
etag: "5c7f3b5a-3c3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Jul 2022 04:01:25 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904e00ad884e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 8d5cceab208521ca79660331ec07d52eb9a74e1e.jpeg
beforeitsnews.com/img/i2021/07/ 16 KB
16 KB 34ms
33ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/07/8d5cceab208521ca79660331ec07d52eb9a74e1e.jpeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2218e35ef24a3c926004d23f458e8f7518587e53fbe46dceb456362d70ada88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/i2021/07/8d5cceab208521ca79660331ec07d52eb9a74e1e.jpeg
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 203985
cf-polished: origSize=17848, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16031
last-modified: Fri, 15 Mar 2019 15:54:32 GMT
server: cloudflare
etag: "5c8bcab8-45b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 01 Jul 2022 04:22:04 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904e00ad8b4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 a23c6431cf5774179eec6be0d4e6e2b0c0f5f6e9.png
beforeitsnews.com/img/banner_contract/ 325 KB
326 KB 26ms
25ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/a23c6431cf5774179eec6be0d4e6e2b0c0f5f6e9.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39556538ec36accef2aaf8236e6853491a437adcc43486ff5d304adc5e89a821

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner_contract/a23c6431cf5774179eec6be0d4e6e2b0c0f5f6e9.png
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:49 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2044783
cf-polished: origFmt=png, origSize=441092
content-disposition: inline; filename="a23c6431cf5774179eec6be0d4e6e2b0c0f5f6e9.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 333040
last-modified: Sat, 22 May 2021 12:14:42 GMT
server: cloudflare
etag: "60a8f5b2-6bb04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 21:02:06 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904e00ad8e4e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
beforeitsnews.com/img/banner_contract/ 46 KB
46 KB 27ms
26ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba2ec1f0e483b39c4f96db14778f55eceafa2ef67aa2b49c532a2cb24a52377b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 952803
cf-polished: origSize=51812, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 46878
last-modified: Sat, 22 May 2021 12:15:55 GMT
server: cloudflare
etag: "60a8f5fb-ca64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 22 Jun 2022 12:21:45 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904e00ad914e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-29 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 45ms
44ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
pragma: no-cache
cookie: SERVERID=s1; __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs; b4in-uuid=cc5ae0ff-17e4-4060-a5f3-725328aea3cd; _ga=GA1.2.1051320217.1625317308; _gid=GA1.2.1421143118.1625317308; _gat_gtag_UA_16055024_1=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: beforeitsnews.com
referer: https://beforeitsnews.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 952804
cf-polished: origSize=36512, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
server: cloudflare
etag: "60a8f625-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 22 Jun 2022 12:21:45 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 66904e00ad924e4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Kxdadyu1_S8 Show response
www.youtube.com/embed/ Frame D5E0 54 KB
23 KB 103ms
81ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d95bb99a77e5b7f415ac5f570998afda8c6360b08d7e8b14fc9c61905212685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Kxdadyu1_S8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Jul 2021 13:01:49 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=0JIVr3FdxiI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=F0sW41adnSI; Domain=.youtube.com; Expires=Thu, 30-Dec-2021 13:01:49 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+465; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 dc.js Show response
stats.g.doubleclick.net/ Frame 6DF5 45 KB
17 KB 30ms
14ms Script
text/javascript 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 250
date: Sat, 03 Jul 2021 12:57:39 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 03 Jul 2021 14:57:39 GMT

GET
H3-29 200 dc.js Show response
stats.g.doubleclick.net/ Frame 659E 45 KB
17 KB 17ms
16ms Script
text/javascript 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 250
date: Sat, 03 Jul 2021 12:57:39 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 03 Jul 2021 14:57:39 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/7acefd5d/ Frame D5E0 324 KB
45 KB 22ms
8ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7acefd5d/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6c3d5fa60e4bf93e81d7df8456be46e03d60e70378e9af123c010a610e49192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 09:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45801
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 00:20:32 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Jul 2022 09:54:26 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/ Frame D5E0 192 KB
63 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4118e3905681f28cf8dc9eb48bd5aabd36bff99666193810868d9182ba9686da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 14:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 253280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64943
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 00:20:32 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 14:40:29 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/ Frame D5E0 2 MB
2 MB 29ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75b0a7bd1689b8f44e349e382ac54c3004d8559c347546ec7f3aea716cad758f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 23:40:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 00:20:32 GMT
server: sffe
age: 48058
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1739763
x-xss-protection: 0
expires: Sat, 02 Jul 2022 23:40:51 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/7acefd5d/fetch-polyfill.vflset/ Frame D5E0 8 KB
3 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7acefd5d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 04:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 00:20:32 GMT
server: sffe
age: 32068
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Sun, 03 Jul 2022 04:07:21 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D5E0 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 08:09:57 GMT
x-content-type-options: nosniff
age: 276712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 08:09:57 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame D5E0 113 B
159 B 80ms
79ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

288781a52d6c6b1f48b59a03788a7afc5fab5939b5deb8967953aad83ba30156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D5E0 29 B
424 B 26ms
6ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:47:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 868
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sat, 03 Jul 2021 13:02:21 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/ Frame D5E0 94 KB
94 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b9e10132c1000cef53bc06b39c845b1d522ca85222ff94f07bdc31fb3d16f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 11:45:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 00:20:32 GMT
server: sffe
age: 4575
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95776
x-xss-protection: 0
expires: Sun, 03 Jul 2022 11:45:34 GMT

GET
H3-29 200 8LWF8Aw1Pw4CbeJgRqHqI_BfDLSA1tzHDNduqMVuO1Y.js Show response
www.google.com/js/th/ Frame D5E0 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/8LWF8Aw1Pw4CbeJgRqHqI_BfDLSA1tzHDNduqMVuO1Y.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0b585f00c353f0e026de26046a1ea23f05f0cb480d6dcc70cd76ea8c56e3b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:07:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 20:07:31 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/ Frame D5E0 25 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a3573a374b60552bfaf599cbda271a4301bbad1b489f65f091c3208f1e759e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 11:44:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7482
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 00:20:32 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Jul 2022 11:44:45 GMT

GET
DATA 200
OK truncated
/ Frame D5E0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRQ_cDhJmbuI0V-JPgGjv0I5XBQy-JIKCo2ug=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D5E0 797 B
1 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRQ_cDhJmbuI0V-JPgGjv0I5XBQy-JIKCo2ug=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c476d5d5a9cce342a54743c0e1ca48b35f00e664f4d0994264b825ded4054050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 11:23:06 GMT
x-content-type-options: nosniff
server: fife
age: 5923
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 797
x-xss-protection: 0
expires: Sun, 04 Jul 2021 11:23:06 GMT

GET
H3-29 200 sddefault.webp
i.ytimg.com/vi_webp/Kxdadyu1_S8/ Frame D5E0 11 KB
11 KB 7ms
6ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Kxdadyu1_S8/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983eec036059654e2dcefa62f6049eec38d82389a1b2f12b688e998b2058e79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 12:54:13 GMT
x-content-type-options: nosniff
server: sffe
age: 456
etag: "0"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10922
x-xss-protection: 0
expires: Sat, 03 Jul 2021 14:54:13 GMT

GET
H3-29 200 om5gKnm0yt8.css
www.facebook.com/rsrc.php/v3/y3/l/0,cross/ Frame C9A4 29 KB
7 KB 18ms
17ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y3/l/0,cross/om5gKnm0yt8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7af589e6f739b847df394068f77b79e76dcf6c26f8ee9f8fdd7eec10684f0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 18:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lf4/IUwtK2DJ2Bs3Yguyjw==
cross-origin-resource-policy: cross-origin
content-length: 7274
x-fb-rlafr: 0
x-fb-debug: iwEuwLrTwCoUw/06wkQG1X8vippRdkHXhfcuKvWrmuwFKqh3rt8brMkkzRVi/tWpHMvA5eo/6YyqyNHlJ/cLRA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 23 Jun 2022 18:46:19 GMT

GET
H3-29 200 paV3RXmt3Vr.css
www.facebook.com/rsrc.php/v3/yy/l/0,cross/ Frame C9A4 400 KB
108 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yy/l/0,cross/paV3RXmt3Vr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5171c54d78ebf5bc0629118b6677cba38c3a6c7cf6d6b6ee6e434485ea95452a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 03:45:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SZ9G2TcUldr0hbTBZzf2JQ==
cross-origin-resource-policy: cross-origin
content-length: 110690
x-fb-rlafr: 0
x-fb-debug: AnZ6K1Kb9vrZzvGdS+2p7MYr4ZSdgmkFduv1JqLa+vns4pWFS2GmBYIbZUNR3JLq+ARYdXwQU09wks/lEHc+Hg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 03:45:27 GMT

GET
H3-29 200 f_BxqCp-cVL.css
www.facebook.com/rsrc.php/v3/y1/l/0,cross/ Frame C9A4 4 KB
849 B 13ms
11ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y1/l/0,cross/f_BxqCp-cVL.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

88ff58726b9d4b516a8b9375256d5347bd6e273954f44b8e5b9f58d7b7b925e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SJgYNzWRWsbIkLLIC3n2sQ==
cross-origin-resource-policy: cross-origin
content-length: 797
x-fb-rlafr: 0
x-fb-debug: QdHU+v5jhoH1Tnp6sJKhRXWZyQ9rxXB6Buxc4FHMQKxs0DMpFk0e0kQWZuI6ZAGcG3FZDEFj3nHvC11cIUdh0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 18:47:31 GMT

GET
H3-29 200 P9HQ5PCWcHJ.js Show response
www.facebook.com/rsrc.php/v3/yS/r/ Frame C9A4 298 KB
81 KB 14ms
12ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

58ffef670f74318a8517ac12b0d5bd84aa3523dde01b760545f4ab6ee89ad49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 23:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oA/01tZcmLO/wjxU7TfUdQ==
cross-origin-resource-policy: cross-origin
content-length: 82851
x-fb-rlafr: 0
x-fb-debug: rVT4gGxlbEV0XmlULdMul0s7AvJYAgFCTy0Djd37kJ+wOH0Phq892n7vig41l9CfDccS5clV3XxdZ52/6JMgMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Jul 2022 23:26:28 GMT

GET
H3-29 200 Te15QRVJEu-.js Show response
www.facebook.com/rsrc.php/v3iN_84/y9/l/de_DE/ Frame C9A4 124 KB
34 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iN_84/y9/l/de_DE/Te15QRVJEu-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

91ac2f2a8b0a0918f41cde2cf21cc806087a04ad341cf394abd5453ce1217d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 17:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qzqr6HejO5vxRJ29MSVZIQ==
cross-origin-resource-policy: cross-origin
content-length: 34749
x-fb-rlafr: 0
x-fb-debug: xihZCiBEQamr+yMwJfpMlu40E9KPt9cGV0sSDBO4WrsXHb7wdS7ln/DAnfk807IPlpohHrfClMDx2daIeWDNLw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 23 Jun 2022 17:18:14 GMT

GET
H3-29 200 r_9uG4H8PQf.js Show response
www.facebook.com/rsrc.php/v3iuIp4/yT/l/de_DE/ Frame C9A4 628 KB
151 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iuIp4/yT/l/de_DE/r_9uG4H8PQf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e74a2f29c1cd61e2435c95ff6225d7cf74ec18a8da2a4ed6f5131795004cd6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tI+CHAJkiuYKfxNfTcE3hw==
cross-origin-resource-policy: cross-origin
content-length: 154324
x-fb-rlafr: 0
x-fb-debug: zFXFa73QN4Qy6VIO/K9SpMwR1eSXK7zZrt0RYWOpJANn21qyHIjNv0VIfqa7PzcEFhTem6u4VWTO+h5MGN7E2A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 00:54:00 GMT

GET
H3-29 200 aZT7BeRF7xg.js Show response
www.facebook.com/rsrc.php/v3iOTn4/yu/l/de_DE/ Frame C9A4 493 KB
116 KB 15ms
13ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iOTn4/yu/l/de_DE/aZT7BeRF7xg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3918c6cc193b662a6a4e514d7ba4011cbfe4523c14f6e5bfdb2f1d1b2962d76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LGPkp9fkZ4QEBfNapNYayQ==
cross-origin-resource-policy: cross-origin
content-length: 118254
x-fb-rlafr: 0
x-fb-debug: cwaHX2Ac6H8B9U7QkbMes0WqMnVHYZ9r3EThYVeigDApEPwxG3q8jacV+4CT99BrVGLkBk/D6txZqUlqRgZzoA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 00:18:40 GMT

GET
H3-29 200 -LO5XSH10H2.js Show response
www.facebook.com/rsrc.php/v3iBLa4/yT/l/de_DE/ Frame C9A4 36 KB
11 KB 15ms
13ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iBLa4/yT/l/de_DE/-LO5XSH10H2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b571c64b7d9de76e4d289fc1801f2144fdcbf816e320235c48b69105f21b83a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 18:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: w9T6RskZ2AI4UbyxPXpkdA==
cross-origin-resource-policy: cross-origin
content-length: 11399
x-fb-rlafr: 0
x-fb-debug: Gs63gHog5BV/aL8aveELvUEZf2uuZv29zT+5BHE6tniUanm4l06LC/fbL6ZI5EnpwpM46oC7eO/xYFfLApnPEA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 23 Jun 2022 18:32:44 GMT

GET
H3-29 200 ucrvnCy6QGs.js Show response
www.facebook.com/rsrc.php/v3/ym/r/ Frame C9A4 119 KB
32 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ym/r/ucrvnCy6QGs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85122b06215599126bb7a4638bc4f71508d8cfaa925ab08d7e0f57874b8e0f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QooJZ6zjhoVLlnSmlHsJ6A==
cross-origin-resource-policy: cross-origin
content-length: 32231
x-fb-rlafr: 0
x-fb-debug: 9ZLiySxRCU++Dabat2DLSbkEYRqFnmybrun6p2mTEGyUKaKQHCYC0z8aPugESAuYDiv0xWcxb1z9d0IohLJiRw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 18:37:34 GMT

GET
H3-29 200 ZgFm8WS-qYv.js Show response
www.facebook.com/rsrc.php/v3/yb/r/ Frame C9A4 5 KB
2 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yb/r/ZgFm8WS-qYv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c0b0d6a2053041b8907db0247a9c469d6cac92763895b1ffafc23e8452181b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iwBBYBsE5YPuuPsDPWIgjw==
cross-origin-resource-policy: cross-origin
content-length: 1608
x-fb-rlafr: 0
x-fb-debug: LsKWGlEhzgUsZSWNgRRW+VriyUISC6/NZPX/bypaIuBcbqPXscGpYtYdHKT/mG5siLH/L0CmIcehEzIYoHtMGw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 00:09:42 GMT

GET
H3-29 200 6Z6nrwIzKZR.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame C9A4 126 KB
33 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/6Z6nrwIzKZR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c191f51716d506ff79647a26aedb024df0214e5d7dfe4d810d03af366abb7c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: C/iq2sjZIgWk6PqFto8aBA==
cross-origin-resource-policy: cross-origin
content-length: 33800
x-fb-rlafr: 0
x-fb-debug: hW+GPbecZslVxBghMxGcnxCC/JPpjdWbUICZiXNBg65itp+/wUPavMsN5FX+pfypIoaFczZSE7qzE4LvRQ8scA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 00:08:43 GMT

GET
H3-29 200 77awws75CgW.js Show response
www.facebook.com/rsrc.php/v3ii5L4/yt/l/de_DE/ Frame C9A4 737 KB
162 KB 15ms
15ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3ii5L4/yt/l/de_DE/77awws75CgW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b9b5079dff5e28f45bec3cc35f17733c3d65154b35e9d20a6df0aeaf9f6ee41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:04:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wdXGBftLxITYHhzTI65gng==
cross-origin-resource-policy: cross-origin
content-length: 165969
x-fb-rlafr: 0
x-fb-debug: GJ2C480FnzKhV9B+Vse8MmcZNnjKS+zsQWkmm9iubAY93nxZYIfIpm+PtF54Ob7ql5pqX/FSLWU1BoW+3suR2Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 00:04:40 GMT

GET
H2 200 201483402_943697949535306_2109318077317767414_n.jpg
scontent-frx5-2.xx.fbcdn.net/v/t15.5256-10/s851x315/ Frame C9A4 30 KB
30 KB 25ms
7ms Image
image/jpeg 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-2.xx.fbcdn.net/v/t15.5256-10/s851x315/201483402_943697949535306_2109318077317767414_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=08861d&_nc_ohc=UtAx5dcKbO4AX8MEOFw&_nc_ht=scontent-frx5-2.xx&tp=7&oh=ca3da8c1973569ee57bfc79172cf96c2&oe=60E4A377
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3d18870c3ecd4c14b0a387db94615a99221f515b6696f67b943af5a14593fd5b

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1957517222
date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 917726464
last-modified: Sat, 03 Jul 2021 12:00:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 258843081
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 30611

GET
H2 200 107812854_2105058316291608_6024304009835061707_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.6435-1/cp0/p40x40/ Frame C9A4 2 KB
2 KB 42ms
9ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.6435-1/cp0/p40x40/107812854_2105058316291608_6024304009835061707_n.jpg?_nc_cat=102&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=GkdUBTgVcuUAX9OS6Rt&_nc_ht=scontent-frt3-1.xx&tp=27&oh=4eddd852118a558872d72843ae8b2380&oe=60E4E950
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f8e0f4b57a211f008528abff746fd076f28bc5ced1dcef2b1ebee6101dc91d6f

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3663912039
date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 10 Jul 2020 15:34:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2339598448
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1573

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame DDEF 69 KB
25 KB 175ms
161ms Script
application/javascript 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=269

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vgq7gz/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

nginx /

Resource Hash

411def3bbc60c15a3f981fd2704287028a150288225edb39c8fadaf053cb6ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vgq7gz/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
content-encoding: br
last-modified: Tue, 01 Jun 2021 20:02:36 GMT
server: nginx
etag: W/"60b6925c-11329"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 Xl87b.OvCc-small-Can-We-Say-Coup-dtat-The-As.jpg
sp.rmbl.ws/s8/1/X/l/8/7/ Frame DDEF 60 KB
60 KB 52ms
33ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/X/l/8/7/Xl87b.OvCc-small-Can-We-Say-Coup-dtat-The-As.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vgq7gz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: cc72c12855f4a120e4b586dcc7b589ec2691fb300fdf362f413b9945c82dab5d

Request headers

Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
last-modified: Fri, 02 Jul 2021 18:28:19 GMT
etag: "db32c7441fadc7502e3afa43a3eb4745"
x-hw: 1625317310.cds065.sk1.hn,1625317310.cds205.sk1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 61172

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D5E0 4 KB
2 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Sat, 03 Jul 2021 13:01:50 GMT

GET
H2 206 Xl87b.caa.rec.mp4
sp.rmbl.ws/s8/2/X/l/8/7/ Frame DDEF 4 MB
0 33ms
33ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/X/l/8/7/Xl87b.caa.rec.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vgq7gz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
last-modified: Fri, 02 Jul 2021 20:39:35 GMT
access-control-allow-origin: *
etag: "86d57ce7461a7d40702592396a72f486-69"
x-hw: 1625317310.cds065.sk1.hn,1625317310.cds018.sk1.c
content-type: video/mp4
Content-Range: bytes 0-358869223/358869224
cache-control: max-age=2592000
accept-ranges: bytes
Content-Length: 358869224

GET
H3-29 204 generate_204
www.youtube.com/ Frame D5E0 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?5b3t4g
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 H3UvZyzgmcZ.png
www.facebook.com/rsrc.php/v3/y7/r/ Frame C9A4 7 KB
7 KB 13ms
12ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y7/r/H3UvZyzgmcZ.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/l/0,cross/paV3RXmt3Vr.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6300c1a6ceb68612b91c4429c0f7af862102790ff31bc261c3991de5c3719ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yy/l/0,cross/paV3RXmt3Vr.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: n/Qb9vk04gZR+O3UCI/uibHuuFOU0j9mg8+/5cDLAEw+h0Fmi2MXz3O9yz7/GZx7iUf1Eykx1hvHJ3tzWnrKRw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: D0QXx2t5jnBhOpV2kkSV0Q==
date: Fri, 02 Jul 2021 20:05:19 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 6665
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Sat, 02 Jul 2022 20:05:19 GMT

GET
H2 200 10000000_2830440380538510_9119423151270954195_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 911 B
971 B 42ms
8ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_2830440380538510_9119423151270954195_n.mp4?_nc_cat=107&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=FCfzOE-qrgoAX9UMoh-&_nc_ht=video-frt3-1.xx&oh=a389480b5003b2f685f942d03e440b35&oe=60E081CD&bytestart=0&byteend=910
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/ym/r/ucrvnCy6QGs.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 74e72a4f7fa47c89a49c1129864e22084148a911f9be2c4d29829a5e0dab18d2

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 382461245
last-modified: Sat, 03 Jul 2021 13:00:45 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 911

GET
H2 200 10000000_2830440380538510_9119423151270954195_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 21 KB
21 KB 39ms
9ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_2830440380538510_9119423151270954195_n.mp4?_nc_cat=107&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=FCfzOE-qrgoAX9UMoh-&_nc_ht=video-frt3-1.xx&oh=a389480b5003b2f685f942d03e440b35&oe=60E081CD&bytestart=911&byteend=22566
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/ym/r/ucrvnCy6QGs.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5b8df79f22a4c1d2dbb4fb355e859b718829ef56ef0368a5b40ab03e2e421eb1

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 382461245
last-modified: Sat, 03 Jul 2021 13:00:45 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 21656

GET
H2 200 10000000_2830440380538510_9119423151270954195_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 33 KB
33 KB 37ms
9ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_2830440380538510_9119423151270954195_n.mp4?_nc_cat=107&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=FCfzOE-qrgoAX9UMoh-&_nc_ht=video-frt3-1.xx&oh=a389480b5003b2f685f942d03e440b35&oe=60E081CD&bytestart=22567&byteend=55852
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/ym/r/ucrvnCy6QGs.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1f756090d60e738d2042b397615ba4a103635c64a7232334ac5a3a32a6b30add

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 382461245
last-modified: Sat, 03 Jul 2021 13:00:45 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 33286

GET
H2 200 10000000_860747254531358_6867801717026050472_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 880 B
1 KB 33ms
8ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_860747254531358_6867801717026050472_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=TEUSbmuTtg8AX-I_fe5&_nc_ht=video-frt3-1.xx&oh=2fc13045ebcc156a4081d3e2645930c0&oe=60E087C6&bytestart=0&byteend=879
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/ym/r/ucrvnCy6QGs.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 18999fd02c1a73625f6f3210ba1ced35570a989fb73507889764ac4990ed5a92

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 382461245
last-modified: Sat, 03 Jul 2021 13:00:43 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 880

GET
H2 200 10000000_860747254531358_6867801717026050472_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 21 KB
21 KB 33ms
8ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_860747254531358_6867801717026050472_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=TEUSbmuTtg8AX-I_fe5&_nc_ht=video-frt3-1.xx&oh=2fc13045ebcc156a4081d3e2645930c0&oe=60E087C6&bytestart=880&byteend=22547
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/ym/r/ucrvnCy6QGs.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 19644a68d9e59134eaf90a1caa18c6208452fd76d00d0242df953ac204c8c4b8

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 382461245
last-modified: Sat, 03 Jul 2021 13:00:43 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 21668

GET
H2 200 10000000_860747254531358_6867801717026050472_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 16 KB
16 KB 32ms
8ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_860747254531358_6867801717026050472_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=TEUSbmuTtg8AX-I_fe5&_nc_ht=video-frt3-1.xx&oh=2fc13045ebcc156a4081d3e2645930c0&oe=60E087C6&bytestart=22548&byteend=38726
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/ym/r/ucrvnCy6QGs.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 98423a2b904d2dd5047bb3e9f15f2bafc4cd7e2bf77ef40e47df194e1a88b50a

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 382461245
last-modified: Sat, 03 Jul 2021 13:00:43 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 16179

GET
H3-29 200 ZDUg5dWit6K.js Show response
www.facebook.com/rsrc.php/v3/yO/r/ Frame C9A4 322 KB
65 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0154dbd160d05720fd8acd0c18ef81a246c1bc2103d862d40c0df3555860b70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 06:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xhIPKM4VkAYd9ODVuYG+uw==
cross-origin-resource-policy: cross-origin
content-length: 66979
x-fb-rlafr: 0
x-fb-debug: 2f6QelROmbSK41sV5PhS6d5skgvwQOlPm1vRtpz3CNZ8szMip3dTXgoJBrLkOsjDQanxtDcfOMNPo5WrCryzMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Jul 2022 06:48:43 GMT

GET
H3-29 200 JopZtdti8dq.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame C9A4 7 KB
2 KB 21ms
11ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 20:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy: cross-origin
content-length: 2270
x-fb-rlafr: 0
x-fb-debug: xx3euTOOrPEykGUxLt++iIGG1Oei3YnayipobUct0B+Z6KcQgXiXshVaRAksZaLiHKg5n3DiacFIKf1OuSQ2FQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Jun 2022 20:35:33 GMT

GET
H3-29 200 llF-VwweSQ_.js Show response
www.facebook.com/rsrc.php/v3iDfa4/yO/l/de_DE/ Frame C9A4 138 KB
30 KB 24ms
15ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iDfa4/yO/l/de_DE/llF-VwweSQ_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ae4b5b6e872f8cabef567119699fbfac8e0ef21827e41c51dabb5b793a59cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hwtwODizbgPbaAnK/ZNovA==
cross-origin-resource-policy: cross-origin
content-length: 30517
x-fb-rlafr: 0
x-fb-debug: NUQ0o2JazS3KIsi9PB0xAIBwGyyZM/LBT5XgCm3TbY+PJBd4Wn68TlfwRYlH9cjBkaZw98qAkwc/2J4mulBJNA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 00:14:10 GMT

GET
H3-29 200 IFPbGfpUmNQ.js Show response
www.facebook.com/rsrc.php/v3/yF/r/ Frame C9A4 6 KB
2 KB 22ms
15ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yF/r/IFPbGfpUmNQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35dedad96bb4d2de162df62d4c1aa13c28646fc15ed2794d49dca24913f2f919

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: y6hOY3E7/fIXX15pu53uLw==
cross-origin-resource-policy: cross-origin
content-length: 2179
x-fb-rlafr: 0
x-fb-debug: aPucs6Scn+i2la4ks+v2mwXZ7UeD9XMHCDhM7Xa2wAEyX14vlEOC4fn/NiDv3spUxi9atqGhbp2NCPJBEtGMnw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 18:48:56 GMT

GET
H3-29 200 6tN80AUxQBy.js Show response
www.facebook.com/rsrc.php/v3is1k4/yM/l/de_DE/ Frame C9A4 554 KB
133 KB 23ms
17ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3is1k4/yM/l/de_DE/6tN80AUxQBy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a561209022e819eb80bd3957ef6fee4a7fa6ebdf3c944acc71b2f80fd154fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 02:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VdliW7YHcJ7GHUL6KDV2wQ==
cross-origin-resource-policy: cross-origin
content-length: 136074
x-fb-rlafr: 0
x-fb-debug: zSr2ACxhw9Ey2dnzgVdqwyQrZv0Jhqf+1NYnwDnrv1xZnGqD/pAsljUIUawmCm37cDfL0+aieLlcKnp//O1A7A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 03 Jul 2022 02:01:57 GMT

GET
H3-29 200 avyRV1gG_1K.js Show response
www.facebook.com/rsrc.php/v3iUAd4/yk/l/de_DE/ Frame C9A4 2 MB
331 KB 29ms
22ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iUAd4/yk/l/de_DE/avyRV1gG_1K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab0bf4501f25c70b63ea0ced9ac816dc1c38e8d4df0fa217c467718e672f3218

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:48:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cg5KdcwHsxGmIJ+Gt94/BQ==
cross-origin-resource-policy: cross-origin
content-length: 338923
x-fb-rlafr: 0
x-fb-debug: Zxm6yJiTiHL3GLRw49fB++cSXUGuAuqvsmMADS8TJ99f8pwhBclgZthG2NaN5ExR4J3hkqZf0Uls95G+66GVEA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 18:48:09 GMT

GET
H3-29 200 L4ojpVxkZdt.js Show response
www.facebook.com/rsrc.php/v3imJ24/yT/l/de_DE/ Frame C9A4 6 KB
2 KB 27ms
21ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3imJ24/yT/l/de_DE/L4ojpVxkZdt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe59cb677fbf7ed82c1171fc0f442c03ed6f9bfc6c9b5f67c6753520f2527380

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HkvHgBIoVBtoELfOODjndA==
cross-origin-resource-policy: cross-origin
content-length: 2161
x-fb-rlafr: 0
x-fb-debug: Fm6O3YxeIPkP7MCCUW8pMW+zymFo/kQG2rH6FB7ZqXdfF/SjI6JUHfyeAPN/tsTKKc2uAMRGwE8/SyqhH6uRQg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 18:48:57 GMT

GET
H3-29 200 66x1Lb7GNil.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame C9A4 10 KB
3 KB 28ms
20ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/66x1Lb7GNil.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84fcd1a74e5138ec8c9bbea5cb9b25efd6ac75174f459fde6e2f04deba6f2ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 02:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5eyrzNa1OytBy2U1utKXhg==
cross-origin-resource-policy: cross-origin
content-length: 3372
x-fb-rlafr: 0
x-fb-debug: vYebKF0H7llov2p7fVOi81QJ4C1Nz825d0zqp20FbnFl2Ik2x9AqoRyCb3uHeYqrX2q0Boyx23zmRA2nIXZaNg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 03 Jul 2022 02:01:57 GMT

GET
H3-29 200 VRzSVH5iU-V.js Show response
www.facebook.com/rsrc.php/v3/ye/r/ Frame C9A4 8 KB
2 KB 29ms
21ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ye/r/VRzSVH5iU-V.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af3903db50a67f20683404e58394179910de4cf09b4afb28daa5cfaf6d48769c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 18:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xP9c/D1lFTvbdouj8XbBew==
cross-origin-resource-policy: cross-origin
content-length: 2065
x-fb-rlafr: 0
x-fb-debug: OH2tUAavCmxxKedN0ANUxd8Cz+/N4TiRq5l3Vg+5KNLZqK82eGs8J3rYJXe2Nh6dp3TO83+L5g+sVwSLf228ZA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 23 Jun 2022 18:23:19 GMT

GET
H3-29 200 7QSXiNm1h2i.css
www.facebook.com/rsrc.php/v3/yA/l/0,cross/ Frame C9A4 50 KB
10 KB 19ms
16ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yA/l/0,cross/7QSXiNm1h2i.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7979b1c0e5c83bae96efe608012eb1602d8ec1c511dd29fc1ae2405060dad96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 18:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: U5TC/+7Tpft+5DjaJfs6Pw==
cross-origin-resource-policy: cross-origin
content-length: 9835
x-fb-rlafr: 0
x-fb-debug: uKBAjvJ6bIM/rgmVD6T/QqG5kUEtsMsOtOxDihE03vIARehHbMT2StX0punXFj47yEAb6Kl93/wRwOvopFrsgA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 23 Jun 2022 18:23:30 GMT

GET
H3-29 200 10000000_1252048755247286_6241882238591276399_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 21 KB
21 KB 24ms
6ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_1252048755247286_6241882238591276399_n.mp4?_nc_cat=107&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9xZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=IYviULwnbMoAX_SXINz&_nc_ht=video-frt3-1.xx&oh=82401b8a745ae49a915142599f3f1599&oe=60E080A2&bytestart=910&byteend=22565
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6c1cae9f2110f7f027dfd5328de194a3e46997b8a822849d648d243f15fa46b4

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
last-modified: Sat, 03 Jul 2021 13:00:53 GMT
content-length: 21656
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 10000000_840206743293102_4126926681773840398_n.mp4 Show response
video-frx5-2.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 21 KB
21 KB 32ms
6ms Fetch
video/mp4 2a03:2880:f02d:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frx5-2.xx.fbcdn.net/v/t42.1790-29/10000000_840206743293102_4126926681773840398_n.mp4?_nc_cat=109&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9sZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=vbrPoSXIz9IAX8clnaj&_nc_oc=AQkfqyRYqtbmtZCEOvAfWaniNHvr0Y3BYaaEDptpZVyC_54M8mOwQw6P6FDChZWa_PSQg-R531o41Akkv3lnd-LG&_nc_ht=video-frx5-2.xx&oh=f7df3d772efb02748e6cb0ca30b54e33&oe=60E08974&bytestart=911&byteend=22566
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:101:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: efe3985b93969f9a3a670173dc8e8f89d0ab5682170e3ad7f317c35e4da6de74

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 1588961438
last-modified: Sat, 03 Jul 2021 13:00:50 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 21656

GET
H2 200 10000000_503049370900896_391746828305270826_n.mp4 Show response
video-frx5-2.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 21 KB
21 KB 27ms
6ms Fetch
video/mp4 2a03:2880:f02d:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frx5-2.xx.fbcdn.net/v/t42.1790-29/10000000_503049370900896_391746828305270826_n.mp4?_nc_cat=109&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=5UIIErtcvCsAX8WFvsF&_nc_ht=video-frx5-2.xx&oh=f4fa213c181fdd97a10c4b35f0f6f25f&oe=60E08825&bytestart=911&byteend=22566
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:101:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6f91f264df4a22c5b82b256892f3d120d10e1362e2f676a79596728efd3f12a0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 1588961438
last-modified: Sat, 03 Jul 2021 13:00:55 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 21656

GET
H2 200 10000000_493907998536489_2219973941180032840_n.mp4 Show response
video-frx5-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 21 KB
21 KB 30ms
6ms Fetch
video/mp4 2a03:2880:f02d:f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frx5-1.xx.fbcdn.net/v/t42.1790-29/10000000_493907998536489_2219973941180032840_n.mp4?_nc_cat=111&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZDFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HCwG_4nPNSQAX_volKh&_nc_ht=video-frx5-1.xx&oh=5564608d1867d8a061d08ac3dcc2c63e&oe=60E0866A&bytestart=911&byteend=22566
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8a062d16bb1a1ac9a2bb02e45d5dcddc140d0cff2c38fa4e1575a69faafa1e7a

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
x-fb-trip-id: 1588961438
last-modified: Sat, 03 Jul 2021 13:00:57 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 21656

GET
H3-29 200 10000000_2830440380538510_9119423151270954195_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 62 KB
62 KB 7ms
7ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_2830440380538510_9119423151270954195_n.mp4?_nc_cat=107&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=FCfzOE-qrgoAX9UMoh-&_nc_ht=video-frt3-1.xx&oh=a389480b5003b2f685f942d03e440b35&oe=60E081CD&bytestart=55853&byteend=119754
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 353c60b47251cca247f1329922d2f995f71cfcd08d30b92864a01daa9a461e2d

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
last-modified: Sat, 03 Jul 2021 13:00:45 GMT
content-length: 63902
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 10000000_860747254531358_6867801717026050472_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 32 KB
32 KB 7ms
6ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_860747254531358_6867801717026050472_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=TEUSbmuTtg8AX-I_fe5&_nc_ht=video-frt3-1.xx&oh=2fc13045ebcc156a4081d3e2645930c0&oe=60E087C6&bytestart=38727&byteend=71452
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ce3358d4fda8ccb9db52074f002de30149462e2fccce551a5b5560cbc3c2d9a8

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
last-modified: Sat, 03 Jul 2021 13:00:43 GMT
content-length: 32726
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 3S7wBnoaB4l.js Show response
www.facebook.com/rsrc.php/v3icJd4/yG/l/de_DE/ Frame C9A4 2 MB
355 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3icJd4/yG/l/de_DE/3S7wBnoaB4l.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85b2e69a98c8c2c8ece710b1822cb3875bfc09287c794a449157ec0602d2ee86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Sa67w6s75hcP76dkwga3sg==
cross-origin-resource-policy: cross-origin
content-length: 363371
x-fb-rlafr: 0
x-fb-debug: d12TOevW/nUQMCXXqv4G7rrCxe2esFHJxZOS0CgplNxlsrzbA0P/iM89ymaYPMEPQc50CFy9+QONN7c7NtXpWQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 20:37:08 GMT

GET
H3-29 200 hO6utCIBZnh.js Show response
www.facebook.com/rsrc.php/v3iG5V4/y0/l/de_DE/ Frame C9A4 2 MB
351 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iG5V4/y0/l/de_DE/hO6utCIBZnh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3080f04ee8a358dc708a55b85933ba1f056eb3795421922d3247381d1efd635f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LnYVhXiz7D3fSUJ4CTLT9g==
cross-origin-resource-policy: cross-origin
content-length: 359317
x-fb-rlafr: 0
x-fb-debug: X8hsul4QsbYgP9KXW1623r58sXl2+8pC3mtjtjrFge/KY6l3b2MgekcuAaTu7CFkNNBB/k66seva6kkJCQooDg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 00:18:41 GMT

GET
H3-29 200 QlgPm0Touhu.css
www.facebook.com/rsrc.php/v3/yy/l/0,cross/ Frame C9A4 319 KB
84 KB 17ms
15ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yy/l/0,cross/QlgPm0Touhu.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a12da5c1bb4a9e608409a7e1d665889bb97fb87a4afe109346963f03a83edb34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ltg6pxz/RMab2/gAJ2etyw==
cross-origin-resource-policy: cross-origin
content-length: 86221
x-fb-rlafr: 0
x-fb-debug: JW2svo31NIwoUd5SAIfUVtXL6J7qIoNZGrrpRVDWGo39kxTUpBjehNQvWFQYxSvtkOSryWUdg59akXk0E7bbMw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 21:42:59 GMT

GET
H3-29 200 XwC-VB9pk0A.css
www.facebook.com/rsrc.php/v3/yV/l/0,cross/ Frame C9A4 34 KB
8 KB 17ms
15ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yV/l/0,cross/XwC-VB9pk0A.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44a601116577e6f34f58b205952a68a6a7e3b3056b9c03cc7d11bb273d88d38d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:47:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: II6mGKedioLL/uW/myOTWQ==
cross-origin-resource-policy: cross-origin
content-length: 8075
x-fb-rlafr: 0
x-fb-debug: y6gXhG8QbvUGSOb0j3FMIMqacZ3fAfh24fpUMUTktzbKy4qNP6AVbiUTKvJti9RrzdCobu+0DbcLHHP/GYCwvg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 18:47:47 GMT

GET
H3-29 200 e7ZDE51yQ4q.js Show response
www.facebook.com/rsrc.php/v3iaYX4/yA/l/de_DE/ Frame C9A4 100 KB
28 KB 24ms
22ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iaYX4/yA/l/de_DE/e7ZDE51yQ4q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8418714b329afd059e6cc7c14e6ce25ee411c1932b934c74817f258c083ed61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 18:51:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: UykpQBAfUeo1AU15CR0Sfg==
cross-origin-resource-policy: cross-origin
content-length: 28508
x-fb-rlafr: 0
x-fb-debug: ere/ipzH1eQ5oMr0Zrgs9TRnjwbGe5bh5g7g9Ed8+v3/2jCfTAn3zvqIBSZgHBTinaEqAjekM6ddV92lt/ZzRA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 23 Jun 2022 18:51:01 GMT

GET
H3-29 200 _9II92oh_AB.css
www.facebook.com/rsrc.php/v3/y2/l/0,cross/ Frame C9A4 1 KB
453 B 19ms
17ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y2/l/0,cross/_9II92oh_AB.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9654e029bf8369e3c8f1c38d86bb7778248331ba320feaabfb3e207c390e685

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 18:41:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9ItUNcXwo9dB0Sr1aAUCQQ==
cross-origin-resource-policy: cross-origin
content-length: 395
x-fb-rlafr: 0
x-fb-debug: L7orftNT1ceXSHREPdsb9fD6garjA72bszSEwgVfLFKlIBgc5/c/8p+DYy3CdeENZKIha2gbBZvim0gW08/ECQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 23 Jun 2022 18:41:45 GMT

GET
H3-29 200 9oTFCaVfV_e.js Show response
www.facebook.com/rsrc.php/v3iEpx4/yQ/l/de_DE/ Frame C9A4 22 KB
6 KB 26ms
25ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpx4/yQ/l/de_DE/9oTFCaVfV_e.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0287f56a6121d359762b6b3cc66988b17cc1e0293e5933be351b10e169e7c6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: U7tUzQ9iHG5V3wn7184o5A==
cross-origin-resource-policy: cross-origin
content-length: 5694
x-fb-rlafr: 0
x-fb-debug: txG5QqCBOwXpbhEsxfVKgzg/586ELEMBpJPYKd2f5GED5d3NSeAiruq2CZEkwYDOuOXBFAIcZWEE9yc38anS7Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Jun 2022 20:08:29 GMT

GET
H3-29 200 _gFw_z4GvoG.js Show response
www.facebook.com/rsrc.php/v3iD284/y7/l/de_DE/ Frame C9A4 48 KB
10 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iD284/y7/l/de_DE/_gFw_z4GvoG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9147bcddf734f6ec04c8f623b7f1baab2a84b9a23d891a29e76bfd25684537e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:48:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jF+0jkkD9cqMc1/2QY/m+w==
cross-origin-resource-policy: cross-origin
content-length: 10164
x-fb-rlafr: 0
x-fb-debug: FDBBScxoU0LpMg4P2QCTDeNvlXCiaZlWvwDJQc6s1P4ew8h9qbQPB2YIzGxxkCK7TVqgD2QQvTqkV5bA0rmW6w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 18:48:09 GMT

GET
H3-29 200 CMyHj_BWPXz.css
www.facebook.com/rsrc.php/v3/yj/l/0,cross/ Frame C9A4 100 KB
16 KB 22ms
21ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yj/l/0,cross/CMyHj_BWPXz.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f968ae92babf806862af54b65e3f52138c14eec79cf62ac5a1806eb50a86040d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:47:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tepFNmuMzhSA9GmMrVJxrQ==
cross-origin-resource-policy: cross-origin
content-length: 16422
x-fb-rlafr: 0
x-fb-debug: RBNBADHQNeOeWmjyXc7skpU1bYRSiK+BQr74a8SxdHS9GGeVNSby95gBNEd3jjNc42jzmmBovuFT5qQeS13Pzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 18:47:47 GMT

GET
H3-29 200 ScnrCYzVF8H.css
www.facebook.com/rsrc.php/v3/yY/l/0,cross/ Frame C9A4 15 KB
2 KB 23ms
22ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yY/l/0,cross/ScnrCYzVF8H.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c2e0c1a113a28e4471191b27a3e3ef8fdd20292163ac52fbb65c88bd25f78db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 23:40:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G6ja+2VRb20ZbGsYCsFc1w==
cross-origin-resource-policy: cross-origin
content-length: 1997
x-fb-rlafr: 0
x-fb-debug: dRSs6n1hhjuwTYkqADapSd0GMQKuW5VKLlka5VatmiJKLWytgMDJICu9PYGM0+3I/WWFMiDXDgueXn3ZvOHUkg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Jul 2022 23:40:38 GMT

GET
H3-29 200 Evy0SOUbBaA.png
www.facebook.com/rsrc.php/v3/yD/r/ Frame C9A4 350 B
404 B 18ms
17ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yD/r/Evy0SOUbBaA.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y3/l/0,cross/om5gKnm0yt8.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87435955de61ebbe01d7870d7e5e90a7a6d2b26580f8d512118d3ed5bf29a21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/y3/l/0,cross/om5gKnm0yt8.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ZSsTZ/1cn88GPZC/i6gjnqNWOLPh4Qi7RXnBUxzk34v6HM9h3YleYvrL18Dp07hOrxF9a0sRLojWGC+tz4JAiQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: RQCt2eBzOXfYPWYprUERUQ==
date: Fri, 02 Jul 2021 13:12:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 350
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Sat, 02 Jul 2022 13:12:53 GMT

GET
H3-29 200 / Show response
www.facebook.com/ajax/bootloader-endpoint/ Frame C9A4 13 KB
4 KB 64ms
63ms XHR
text/javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bootloader-endpoint/?modules=VideoSettingsControl.react&__user=0&__a=1&__dyn=7xeUmBz84e5U5O8G6EjBAodo6C2i5U4e1FDxt3ocWwAyUuxa16whoS2SaCx3wmrwWwpUe8hwem265o3wwobG1ewho24wbG78c87m2210x-8wlU-5E1pHzoaEaoG0DE7e2l0FG0iy1uwZwlo5qfxW0y8jwVw9O1iwKwHwUwlonwhE2LwGw4ywp8Gdw&__csr=&__req=1&__hs=18811.PHASED%3Aplugin_video_pkg.2.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1004076034&__s=%3A%3Aj418k6&__hsi=6980684689554267397-0&__comet_req=0&__sp=1

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/P9HQ5PCWcHJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea579060fcf51dcfbef4b90437e34ac141675f8e7ed8bae028063b914d97bc8d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FBradleeDeanSOL%2Fvideos%2F943697912868643%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: WBRfPn8xC7qMW6DGOsMNglr4KdUO1l2lsTuAjOOcLk5u+KVWy6BjBpaVdHsFGRnmn/rmVc4GUu+Pmo/MM7pAQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 03 Jul 2021 13:01:50 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 aK_2R1SlNSD.png
www.facebook.com/rsrc.php/v3/yX/r/ Frame C9A4 8 KB
8 KB 11ms
7ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yX/r/aK_2R1SlNSD.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yA/l/0,cross/7QSXiNm1h2i.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b880c1f17279079cf0e99cb85cfbd97abd45666cf2b56770a1fdc7ee21b6faa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yA/l/0,cross/7QSXiNm1h2i.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: bFUdlFZPqepaZhWal56ghK72fG6erw6fRuRpdtir0929nNfxpyhqx4wk2cK36dJqSJIZcmc3lwmH9xLG+nJvNQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: iUrKrfG8nhKWCzsF6ELRWg==
date: Thu, 01 Jul 2021 01:27:21 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 8282
x-fb-rlafr: 0
expires: Fri, 01 Jul 2022 01:27:21 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame DDEF 48 KB
19 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=269

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4788
date: Sat, 03 Jul 2021 11:42:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sat, 03 Jul 2021 13:42:02 GMT

POST
H2 200 view...gq7gz.p78j9m
rumble.com/l/ Frame DDEF 35 B
191 B 134ms
125ms Ping
image/gif 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...gq7gz.p78j9m?p=2.3&r=84908655&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=269

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vgq7gz/?pub=hw409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 03 Jul 2021 13:01:50 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H3-29 200 10000000_860747254531358_6867801717026050472_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 32 KB
32 KB 9ms
6ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_860747254531358_6867801717026050472_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=TEUSbmuTtg8AX-I_fe5&_nc_ht=video-frt3-1.xx&oh=2fc13045ebcc156a4081d3e2645930c0&oe=60E087C6&bytestart=71453&byteend=104163
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d0ee975849011c9df584cec8c38b1a850f8c25917d9d4be7ecc107ee63d3f4e3

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
last-modified: Sat, 03 Jul 2021 13:00:43 GMT
content-length: 32711
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 10000000_2830440380538510_9119423151270954195_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 92 KB
92 KB 7ms
6ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_2830440380538510_9119423151270954195_n.mp4?_nc_cat=107&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=FCfzOE-qrgoAX9UMoh-&_nc_ht=video-frt3-1.xx&oh=a389480b5003b2f685f942d03e440b35&oe=60E081CD&bytestart=119755&byteend=213522
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4efac3942c193ca39714de4eff8e6796bd876aac41ed30e285c164bd24d01262

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
last-modified: Sat, 03 Jul 2021 13:00:45 GMT
content-length: 93768
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 10000000_860747254531358_6867801717026050472_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 32 KB
32 KB 6ms
6ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_860747254531358_6867801717026050472_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=TEUSbmuTtg8AX-I_fe5&_nc_ht=video-frt3-1.xx&oh=2fc13045ebcc156a4081d3e2645930c0&oe=60E087C6&bytestart=104164&byteend=136887
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 523e477b05ee34b7589fe5aa7f7a49839ad6b70ab41cca9e7ee3f1719316b406

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
last-modified: Sat, 03 Jul 2021 13:00:43 GMT
content-length: 32724
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 10000000_2830440380538510_9119423151270954195_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 149 KB
149 KB 6ms
6ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_2830440380538510_9119423151270954195_n.mp4?_nc_cat=107&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=FCfzOE-qrgoAX9UMoh-&_nc_ht=video-frt3-1.xx&oh=a389480b5003b2f685f942d03e440b35&oe=60E081CD&bytestart=213523&byteend=365921
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 808f944b1c109e9dd9b53dc926c5c2fcd798712d7afa2b97682a0fd9ccc4e807

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:50 GMT
last-modified: Sat, 03 Jul 2021 13:00:45 GMT
content-length: 152399
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 0L5gppRlswe.png
www.facebook.com/rsrc.php/v3/yh/r/ Frame C9A4 404 B
458 B 6ms
6ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yh/r/0L5gppRlswe.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/l/0,cross/_9II92oh_AB.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/y2/l/0,cross/_9II92oh_AB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: +LHmS9MnbtLeqU30Ft9MUixz8uGx3shpe+1cw+M4bheXuAORMhaqMvnByL5Bka2gaDGcFVXX/RvIObUeamcCdQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: bDizLuK+pYt04fjxlQ20xQ==
date: Tue, 29 Jun 2021 04:12:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 404
x-fb-rlafr: 0
expires: Wed, 29 Jun 2022 04:12:45 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame DDEF 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=601810871&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vgq7gz%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Can%20We%20Say%20Coup%20d%26apos%3B%C3%A9tat%3F%20The%20Assaults%20Continue!%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAAC~&jid=2046228322&gjid=1012646604&cid=489728188.1625317311&tid=UA-44331619-1&_gid=1697165220.1625317311&_r=1&_slc=1&z=249786154

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame DDEF 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=601810871&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fuhw409.vgq7gz%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Can%20We%20Say%20Coup%20d%26apos%3B%C3%A9tat%3F%20The%20Assaults%20Continue!%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=vgq7gz&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=489728188.1625317311&tid=UA-44331619-1&_gid=1697165220.1625317311&z=181480035

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vgq7gz/?pub=hw409

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 19:31:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63016
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ Frame DDEF 4 B
25 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-44331619-1&cid=489728188.1625317311&jid=2046228322&gjid=1012646604&_gid=1697165220.1625317311&_u=YEBAAEAAAAAAAC~&z=1771251544

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 03 Jul 2021 13:01:51 GMT
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_860747254531358_6867801717026050472_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=TEUSbmuTtg8AX-I_fe5&_nc_ht=video-frt3-1.xx&oh=2fc13045ebcc156a4081d3e2645930c0&oe=60E087C6&bytestart=136888&byteend=169248
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7694a2a34570c6136fca1f76f1a306491d633be1bfd24b18a455ffe39455e8a8

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:51 GMT
last-modified: Sat, 03 Jul 2021 13:00:43 GMT
content-length: 32361
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 10000000_2830440380538510_9119423151270954195_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 110 KB
110 KB 6ms
6ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_2830440380538510_9119423151270954195_n.mp4?_nc_cat=107&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=FCfzOE-qrgoAX9UMoh-&_nc_ht=video-frt3-1.xx&oh=a389480b5003b2f685f942d03e440b35&oe=60E081CD&bytestart=365922&byteend=478131
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 64d0a77ca78de6be3575058fd6520a50540f81147a2e18eaea335a31ce92e0d6

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:51 GMT
last-modified: Sat, 03 Jul 2021 13:00:45 GMT
content-length: 112210
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 ga-audiences
www.google.com/ads/ Frame DDEF 42 B
63 B 16ms
16ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-44331619-1&cid=489728188.1625317311&jid=2046228322&_u=YEBAAEAAAAAAAC~&z=1478024731

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ Frame DDEF 42 B
63 B 25ms
24ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-44331619-1&cid=489728188.1625317311&jid=2046228322&_u=YEBAAEAAAAAAAC~&z=1478024731

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jul 2021 13:01:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 10000000_2830440380538510_9119423151270954195_n.mp4 Show response
video-frt3-1.xx.fbcdn.net/v/t42.1790-29/ Frame C9A4 88 KB
88 KB 6ms
6ms Fetch
video/mp4 2a03:2880:f01c:20f:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-frt3-1.xx.fbcdn.net/v/t42.1790-29/10000000_2830440380538510_9119423151270954195_n.mp4?_nc_cat=107&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=FCfzOE-qrgoAX9UMoh-&_nc_ht=video-frt3-1.xx&oh=a389480b5003b2f685f942d03e440b35&oe=60E081CD&bytestart=478132&byteend=568378
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yO/r/ZDUg5dWit6K.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:20f:face:b00c:0:1823 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 464818fe6e9d71676f1d7aaa9cd7d59738375ec15fd9ce28fc401e39bb83eeae

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jul 2021 13:01:51 GMT
last-modified: Sat, 03 Jul 2021 13:00:45 GMT
content-length: 90247
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D5E0 28 B
54 B 20ms
20ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kxdadyu1_S8
X-YouTube-Client-Version: 1.20210629.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtGMHNXNDFhZG5TSSi9v4GHBg%3D%3D
X-YouTube-Ad-Signals: dt=1625317309806&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image&bid=ANyPxKpt3wxI_BlOTROJIm8UPWkk25Y9k32gHnAux0CGkCLRY2efxkNoDZz7ZpxsZS5Q8v8D5HPP47RQPdYdUpajP3Kw3q_2mA

Response headers

date: Sat, 03 Jul 2021 13:01:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 03 Jul 2021 13:01:51 GMT

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 04:50:13	Name: IDE Value: AHWqTUk9Zu1JGJMN24KZscU2BAhIQn0wXyloukFWsSbRZm6K51mIryt5BWtpCR2u0yE
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22KyJhrzq1t%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308225%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625317308265%7D%7D
.beforeitsnews.com/	1970-01-20 12:59:49	Name: _ga Value: GA1.2.1051320217.1625317308
.beforeitsnews.com/	1970-01-19 19:28:37	Name: _gat_gtag_UA_16055024_1 Value: 1
.beforeitsnews.com/	1970-01-19 19:30:03	Name: _gid Value: GA1.2.1421143118.1625317308
beforeitsnews.com/	1970-01-20 19:28:37	Name: b4in-uuid Value: cc5ae0ff-17e4-4060-a5f3-725328aea3cd
beforeitsnews.com/	1970-01-19 19:28:45	Name: __cflb Value: 04dToerZmTfQcfwEHt8ULGdndf17BZ3qK5QYJwfGNs
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://beforeitsnews.com/(Line 532) Message: [Web Cached] Loaded time: 0.00236s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210610.js(Line 32) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20216313(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20216313(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.beforeitsnews.com
ajax.beforeitsnews.com
amg-news.com
beforeitsnews.com
bidswitch-eu.splicky.com
bnt-cdn.b-cdn.net
c.mgid.com
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgflip.com
i.ytimg.com
i0.wp.com
iili.io
img.beforeitsnews.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
lisahaven.news
lockerdome.com
match.adsrvr.org
match.sharethrough.com
miro.medium.com
pagead2.googlesyndication.com
photos.brighteon.com
rddywd.com
robscholtemuseum.nl
rumble.com
s-img.mgid.com
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
sb.scorecardresearch.com
scontent-frt3-1.xx.fbcdn.net
scontent-frx5-2.xx.fbcdn.net
secure-assets.rubiconproject.com
servicer.mgid.com
settingbrushfires.com
sp.rmbl.ws
sphorical.site
static-3.bitchute.com
static.doubleclick.net
stats.g.doubleclick.net
token.rubiconproject.com
translate.google.com
translate.googleapis.com
video-frt3-1.xx.fbcdn.net
video-frx5-1.xx.fbcdn.net
video-frx5-2.xx.fbcdn.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.naturalblaze.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.109.78.125
104.154.142.214
104.16.221.74
104.18.255.14
104.19.133.78
104.19.136.78
104.19.216.61
13.224.193.109
13.224.193.126
13.224.193.63
13.248.242.197
151.139.128.11
151.139.242.29
169.59.64.184
172.217.16.130
178.21.113.136
18.158.174.89
185.184.8.65
185.59.220.194
188.34.190.35
192.0.77.2
2.19.35.65
2600:9000:20eb:e400:1f:2f70:3e80:93a1
2600:9000:2156:3200:1:93c2:a1c0:93a1
2606:4700:10::6816:4a8a
2606:4700:10::6816:4b8a
2606:4700:3031::6815:123e
2606:4700:3031::6815:403e
2606:4700:3031::6815:4f57
2606:4700:3032::6815:eb5
2606:4700:3036::6815:407
2606:4700:3036::6815:eb9
2606:4700:3036::ac43:8a2c
2606:4700:7::a29f:9804
2606:4700::6812:e134
2a00:1450:4001:800::2004
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::2016
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9c
2a00:1450:400c:c08::9c
2a03:2880:f01c:20f:face:b00c:0:1823
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:101:face:b00c:0:1823
2a03:2880:f02d:f:face:b00c:0:1823
2a03:2880:f12d:181:face:b00c:0:25de
3.64.144.49
69.173.144.165
89.40.36.137
0154dbd160d05720fd8acd0c18ef81a246c1bc2103d862d40c0df3555860b70b
015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123
0287f56a6121d359762b6b3cc66988b17cc1e0293e5933be351b10e169e7c6d1
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
0530fb6d18011e8cf727739c32d28d3dfa5b5bedb9ec39e9cd4a358e734d86d7
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0bbb1f3a4684166859f238185f3825aa0e7b1ef293b393fef209143f0f8152f9
0d844320be6d38c9e4903a6fee7b42d7315bb8a3086b1cc2df61f04cbeda3637
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
11790f2fe7b5f94bbfa99fc1715ed871f483cdcba36ec1ada9e85b653fd8bd48
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
161d3318c8711699f208283a602f9aea6bb998fd04279472f4e9cd476ebc60f9
17313826b40e8116fd2b4af97e56037e0edc59d246de536e4c3175a461cdc02b
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
18999fd02c1a73625f6f3210ba1ced35570a989fb73507889764ac4990ed5a92
19644a68d9e59134eaf90a1caa18c6208452fd76d00d0242df953ac204c8c4b8
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1a561209022e819eb80bd3957ef6fee4a7fa6ebdf3c944acc71b2f80fd154fb5
1b7dbdfdde557111bb449efebcd6f8b789e3074373ba021763af12a97d6b6387
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1e1423f9d6821667a0b3c65d2d00fffd9ed219f6b3514d7ee6d5893239cfb54e
1f756090d60e738d2042b397615ba4a103635c64a7232334ac5a3a32a6b30add
20a6b71288b80acf47c79d82ac3ea6d2a724985e1569325978efef53c379547a
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2
27db63fa0690baeb3da9cf4c50db5939e67830952794cead83f830f1a3cc9567
288781a52d6c6b1f48b59a03788a7afc5fab5939b5deb8967953aad83ba30156
2ae4b5b6e872f8cabef567119699fbfac8e0ef21827e41c51dabb5b793a59cb0
2afc8a488dd591afcf9ee6f6e91f808834fa48a16c477a6cdb3965c5796f3e71
2bb10375fd4cee8c271968dec8a2bfe4b3913b7a66f4862ab1c814c9088a2bf8
2be764d0ba481df1ab2500790a145ba4fcd4fab0a4a927f5c0ea8e027e22ad7b
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2c482195ca466e9368874d0bd518aef7f74c3d9b36f8ff43013bdff9e67bd148
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e035cc0d466ad57791319e528e7172ef1c27b055dd39e3981ad19bea7531085
2e53c00b4602d29acb9141b71a0a25fb41b7d87c6d82feb4dbc8328a1608d960
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
300e8ac7bae24b8989826c83639b6c4d9c660ebaf0f1d5c55dc27cfee6c53591
3080f04ee8a358dc708a55b85933ba1f056eb3795421922d3247381d1efd635f
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
353c60b47251cca247f1329922d2f995f71cfcd08d30b92864a01daa9a461e2d
3589a507d7265dfa010f90dfb9335d6a2b790872bda92fabb42ecce357b2611f
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
35dedad96bb4d2de162df62d4c1aa13c28646fc15ed2794d49dca24913f2f919
3918c6cc193b662a6a4e514d7ba4011cbfe4523c14f6e5bfdb2f1d1b2962d76c
39556538ec36accef2aaf8236e6853491a437adcc43486ff5d304adc5e89a821
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3c742ac1fd130e0087a412627b2cc4debc06c4c5f2274aea04cd9f1a23cbf170
3c81451d9b65974bb499de443a7ef72f4fed79c7165a9a975348f252c0b5c6d2
3cc136775653a81f3cc7b882958d8d66be61a89f20431c5ca1f07f0075ebb304
3d18870c3ecd4c14b0a387db94615a99221f515b6696f67b943af5a14593fd5b
3d95bb99a77e5b7f415ac5f570998afda8c6360b08d7e8b14fc9c61905212685
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4118e3905681f28cf8dc9eb48bd5aabd36bff99666193810868d9182ba9686da
411def3bbc60c15a3f981fd2704287028a150288225edb39c8fadaf053cb6ddf
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
445ac3a3c5d701d4d3fe7724b549b890661785440582f0a7b9fbd352d37588ac
44a601116577e6f34f58b205952a68a6a7e3b3056b9c03cc7d11bb273d88d38d
462084d4cb614c5f8ba6252ccc8cd15bba6597ffd0c08884efea070609f16d5c
464818fe6e9d71676f1d7aaa9cd7d59738375ec15fd9ce28fc401e39bb83eeae
4719921e36895d8f53e9bc3e6239f80e5ad9c68d856473f43b6c483d615652ec
473c0c16cb2f3a17e4e211ae1505c4a01e02247de73c05d4545fa0a802033bac
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d95ee941b3c472f8ce6db98a735f3ac25713ba70a7a38dfc95fcb3695ecb986
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4efac3942c193ca39714de4eff8e6796bd876aac41ed30e285c164bd24d01262
4f307e63fa3f45740110f8eeb62fcb1e9cbcf5189aa5d40aacc317ccb4d66f8a
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
5097d51b2ac7ffec58d3985e350678641385cd724eac23d5ad51494f01bbb1e1
5171c54d78ebf5bc0629118b6677cba38c3a6c7cf6d6b6ee6e434485ea95452a
521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b
523e477b05ee34b7589fe5aa7f7a49839ad6b70ab41cca9e7ee3f1719316b406
54e88b8590e895a4f2c75d93ffe0cd77742e4b0ae50a4ac4d09e5974a56ca2c7
5606fd1ee298a881907f63db9306e3292178cddc82eae68dd2dd0dc0a5c9bb0d
58ffef670f74318a8517ac12b0d5bd84aa3523dde01b760545f4ab6ee89ad49f
5b349827c1b1596d5382ab767d0ddf304b61d7b3b0a2d97004b2a3ab75edf78f
5b8df79f22a4c1d2dbb4fb355e859b718829ef56ef0368a5b40ab03e2e421eb1
5b997bcff91f40fdd88dfa17feadca80bc7029e99e6dcbe6d78f3a1e210a9432
5c0b0d6a2053041b8907db0247a9c469d6cac92763895b1ffafc23e8452181b0
5c2e0c1a113a28e4471191b27a3e3ef8fdd20292163ac52fbb65c88bd25f78db
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5de5c68f8e804e74663d3133a488612b1cd12038ea25f2a39128b51cfc78480e
5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
64d0a77ca78de6be3575058fd6520a50540f81147a2e18eaea335a31ce92e0d6
65a3573a374b60552bfaf599cbda271a4301bbad1b489f65f091c3208f1e759e
6605e5e02ccbdf479a9fb8962c3b16ac3aca8d0831c128a0c7e208dc846e937e
661693d8400dd56429b5f0b12f46df537d4010b6bbc36ccb00a77920ed99acb4
674cd866661680e597374faa299658c7a8703c221e7900ac3119bcdc3a472e7e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c1cae9f2110f7f027dfd5328de194a3e46997b8a822849d648d243f15fa46b4
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
6f91f264df4a22c5b82b256892f3d120d10e1362e2f676a79596728efd3f12a0
7248e32ebd92d2ac3ab5ee0c0f7c7a35cea713bdd2577bba1de4b7562ee5f483
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74e72a4f7fa47c89a49c1129864e22084148a911f9be2c4d29829a5e0dab18d2
755e42d3eae92980ac7b88519e5e583e530de62d630c5c7c99a2f49545e9210a
75b0a7bd1689b8f44e349e382ac54c3004d8559c347546ec7f3aea716cad758f
7694a2a34570c6136fca1f76f1a306491d633be1bfd24b18a455ffe39455e8a8
795568e2ce378173973dd5558d429526ea5d679382c35d42fda3768de1e9d9d8
7979b1c0e5c83bae96efe608012eb1602d8ec1c511dd29fc1ae2405060dad96c
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7a8ac72f552e8098ae08b576b2b1b13d55df74faf91c20e4eb01603f919bea3a
7c481abeecbc6afc66ddd1f4aff8e1f9f4bf862a6d4ebd07aa65ed78749ba7a2
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7f73142070cf0aaddcbcf11e81d4546f681083413a9b9dc30a47b1c0a2e4b147
808f944b1c109e9dd9b53dc926c5c2fcd798712d7afa2b97682a0fd9ccc4e807
81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fcd1a74e5138ec8c9bbea5cb9b25efd6ac75174f459fde6e2f04deba6f2ce3
85122b06215599126bb7a4638bc4f71508d8cfaa925ab08d7e0f57874b8e0f2b
85b2e69a98c8c2c8ece710b1822cb3875bfc09287c794a449157ec0602d2ee86
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87435955de61ebbe01d7870d7e5e90a7a6d2b26580f8d512118d3ed5bf29a21a
88ff58726b9d4b516a8b9375256d5347bd6e273954f44b8e5b9f58d7b7b925e6
892e1745fa1d90670bc75a601352acca7c6dfad725ca6adea32b8598701cf7ae
8a062d16bb1a1ac9a2bb02e45d5dcddc140d0cff2c38fa4e1575a69faafa1e7a
8a25eed2a4aca273494f7d96a84e0319fe77e613d53ac9fab513e843b43d33fa
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
91ac2f2a8b0a0918f41cde2cf21cc806087a04ad341cf394abd5453ce1217d45
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
9341c2dffef060dc610a5a546f7addbe85a3005a62c8d5f076aafee880d48042
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54
9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f
97b157d25b2620c6a59a6ed469adcc741ce36e24b7a134a466ab95bfece785c7
983eec036059654e2dcefa62f6049eec38d82389a1b2f12b688e998b2058e79e
98423a2b904d2dd5047bb3e9f15f2bafc4cd7e2bf77ef40e47df194e1a88b50a
9a7af7a659f73a8bfa37060244274f6015846391ddec69dbbf3d96ece87c2701
9ab5784798bb5524845afef2ca4a44469511410c5e055add9a5deca2a253e877
9b9b5079dff5e28f45bec3cc35f17733c3d65154b35e9d20a6df0aeaf9f6ee41
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a12da5c1bb4a9e608409a7e1d665889bb97fb87a4afe109346963f03a83edb34
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42a17f4a59659c1e8a52ad3caf966b00bc0f37f7cec85951a9abf792bbe822b
a7af589e6f739b847df394068f77b79e76dcf6c26f8ee9f8fdd7eec10684f0f8
a8215424cf0c53d83214760b379ddad6eff056e9dd8a64a9c7e8f40a5aba821f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab0bf4501f25c70b63ea0ced9ac816dc1c38e8d4df0fa217c467718e672f3218
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3903db50a67f20683404e58394179910de4cf09b4afb28daa5cfaf6d48769c
b00e8e2754cf8d62948bfc6874827336c44edf43285c38478f5d72df8c3da84b
b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e
b27ceef62a088fbda0bdff5801caad50d524ff9dde0aa86cba7595fa2612a498
b2a85c91c46dcb480f5253cbf0cfc61a63eb1a296b065deb2f7e8e52f8e99694
b38dd1f2ceedac97f871e11e018963494ef18b2b214b378c43b0913cf547af6b
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b55ba4b82d926f451eb2715376235c69d9ccc08f9d66569d88cc2c1010213744
b571c64b7d9de76e4d289fc1801f2144fdcbf816e320235c48b69105f21b83a5
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b880c1f17279079cf0e99cb85cfbd97abd45666cf2b56770a1fdc7ee21b6faa8
b8c3f71afbeeed7e2dd4c4f436a8f1b75b8cc09a9849ef2f842016500d0f4788
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba2ec1f0e483b39c4f96db14778f55eceafa2ef67aa2b49c532a2cb24a52377b
bc3152c5f60cf0d6f4ed6fc09167f13ad6ccb8e337a44ad91af65bbb7f64a5a4
bc626fde73727b75ab726e9c58aa9fcd70be714638e101d7aa0bb819fce41209
bdda83b82c9a8c9800db579af213ce4660698a7079a0a64bc045e6ee1490a2b0
bde5cb4fafe8ec2ff121118f8c40b54d19496f806d4a5592f1ea62bdfa378ac1
be8574f1c4004a86af0f62f3fa9a79b5468617e3e42b26da3a629a3856a13a50
c0d772ac64e69a9a301d5ea81e1f3cddb59f2438eaf22b599ec5fe8a0d8e8446
c0f5c7d6f0606594605c8cca0cef44484910c96a8c5d2e22c64fb897d5f00da0
c1460fe0ec3c526cbb6455ba6bf22483d93ba0eb173276a87b863bf19bcd468f
c191f51716d506ff79647a26aedb024df0214e5d7dfe4d810d03af366abb7c60
c39a9f411b782816b572233a27909241466731ad90f6c758b64aa0040d22c6c9
c476d5d5a9cce342a54743c0e1ca48b35f00e664f4d0994264b825ded4054050
c47d777d0855206ec9ad649bbb93589c7ac84e367ff05b86bfb2b036b99666f8
c4ff4fb18f12a2cf2111cb3f982796895b75542f1308b41fa594706d426c1f94
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c813f644cb77fb7c7fbecf541b0f349a5b8b9327c500972398da0e454114cba8
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
c936a80440cdce5fff81cd947b9ca700f9632e5ca1848bb3fc31abc33539bb87
ca0e70196fb6560eb5ade04a93cff4450f6486cf07c5b11fd0a0e419664b6c34
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cc4b03b1b82393783ce510c14e2cca763e352a412d5da0c79b6594573af53b4e
cc72c12855f4a120e4b586dcc7b589ec2691fb300fdf362f413b9945c82dab5d
ce2db1220f9403abf20d0240cef9438e7ba193316d02cda9400b25634662bb6e
ce3358d4fda8ccb9db52074f002de30149462e2fccce551a5b5560cbc3c2d9a8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d08282ee93376e2e203bb5413b47b18b9e726cd44d333ef8e733475394961a8d
d0ee975849011c9df584cec8c38b1a850f8c25917d9d4be7ecc107ee63d3f4e3
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d47f691f68156ed07c3439962c26552341b72622d128f68bda1d74b43d15cab2
d507bd2a2875d72f483942f030c049be9fe240184204be637a43ff3e95d81f3e
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d6300c1a6ceb68612b91c4429c0f7af862102790ff31bc261c3991de5c3719ad
d72eee15ae964939884b562c91cfcdd8a4d7de887185fb9ff11016e0ad430d39
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
d9b9e10132c1000cef53bc06b39c845b1d522ca85222ff94f07bdc31fb3d16f1
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4dd491ad91e7078b2dd4a11ab60280ce8d75ea8ceed2d2076586bb85499c45
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de9c497969d31eee2b8be2e28ceadf5e64248f95c5e4589eda73b2c1e12718bc
e2218e35ef24a3c926004d23f458e8f7518587e53fbe46dceb456362d70ada88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0e4c728275251f196c7801c4ba526a9b656a1058cb0d2fd9a25cbc230fd59
e4d0681893439b801c23f95b6ee65d6f7665a770e79c662e432c6fd62cd25f10
e4e1f98f4ee0b5215b1d04ae204ea322a719453e2ac5cfbd42c68ae6d9e8eb78
e6c3d5fa60e4bf93e81d7df8456be46e03d60e70378e9af123c010a610e49192
e74a2f29c1cd61e2435c95ff6225d7cf74ec18a8da2a4ed6f5131795004cd6de
e9147bcddf734f6ec04c8f623b7f1baab2a84b9a23d891a29e76bfd25684537e
e91c1c0d7be5abcb80202ba824099d4819dc29f6e35aacc7346cd6e0068bb4fa
e96f2825e34c6339ae9da28b4a6cf8c7d6565b76184c13e7de08b420ff2221f4
ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770
ea579060fcf51dcfbef4b90437e34ac141675f8e7ed8bae028063b914d97bc8d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe3985b93969f9a3a670173dc8e8f89d0ab5682170e3ad7f317c35e4da6de74
f0b585f00c353f0e026de26046a1ea23f05f0cb480d6dcc70cd76ea8c56e3b56
f0f0485fd81f67c9549618a6c415a3e7dcfdcf01e97ebef16b2b3287cc8c909e
f182ed807d450695ca1b7a46485055753f62953e537375f87ed760db40b5e944
f3fb5f3e37b4a2b47b7bd13e7f67c39cbe483b1a3be258db803a6848eb458cec
f785ad56ccd948b3be8bc3fc810e51ccd0cbb9f4da47100300b25797e9ffb8ad
f8418714b329afd059e6cc7c14e6ce25ee411c1932b934c74817f258c083ed61
f8880084ac52ba3deb259d4089d6303d1fb6a5e5c2ae5dda6c8256d83f9eee33
f8e0f4b57a211f008528abff746fd076f28bc5ced1dcef2b1ebee6101dc91d6f
f9654e029bf8369e3c8f1c38d86bb7778248331ba320feaabfb3e207c390e685
f968ae92babf806862af54b65e3f52138c14eec79cf62ac5a1806eb50a86040d
f9e22f72e6c1ec89f91e157629c197555fbd4060c7f303f8da9a55de093da3fa
fe59cb677fbf7ed82c1171fc0f442c03ed6f9bfc6c9b5f67c6753520f2527380
fe9fe7d669d32cef4d08129bacaaa51efd489d208ba1f43ec4d418c710db26e1

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4b8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

266 Requests

100 %HTTPS

62 %IPv6

45 Domains

69 Subdomains

61 IPs

5 Countries

19999 kBTransfer

34943 kBSize

8 Cookies

30 Outgoing links

Page URL History

Redirected requests

266 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Screenshot
Live screenshot

Full Image

266
Requests

100 %
HTTPS

62 %
IPv6

45
Domains

69
Subdomains

61
IPs

5
Countries

19999 kB
Transfer

34943 kB
Size

8
Cookies

266 HTTP transactions
4 data transactions