beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission Tags: falconsandbox
Submission: On February 24 via api (February 24th 2021, 4:46:56 pm UTC) from US

Summary HTTP 215 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 56 IPs in 8 countries across 44 domains to perform 215 HTTP transactions. The main IP is 2606:4700:10::6816:4a8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	169.59.64.184 169.59.64.184	36351 (SOFTLAYER) (SOFTLAYER)
18	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
23	185.59.220.194 185.59.220.194	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	89.40.36.137 89.40.36.137	50939 (SPACE-AS) (SPACE-AS)
2	93.184.221.168 93.184.221.168	15133 (EDGECAST) (EDGECAST)
1	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:2200:1:93c2:a1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.216.113.181 52.216.113.181	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2001:df1:9c00... 2001:df1:9c00:8004:2a:7:0:f	133882 (PARAGONIN...) (PARAGONINTERNETGROUP-AS-AP PARAGON INTERNET GROUP LIMITED)
1	2606:4700::68... 2606:4700::6810:8746	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:4d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.124.249.6 192.124.249.6	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2600:9000:215... 2600:9000:2156:9a00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.195.84 13.224.195.84	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
25	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	143.204.90.113 143.204.90.113	16509 (AMAZON-02) (AMAZON-02)
4	64.62.227.17 64.62.227.17	6939 (HURRICANE) (HURRICANE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:8800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:1400:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	3.124.48.224 3.124.48.224	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	18.195.54.133 18.195.54.133	16509 (AMAZON-02) (AMAZON-02)
1 1	168.119.168.187 168.119.168.187	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.52.67.9 52.52.67.9	16509 (AMAZON-02) (AMAZON-02)
2 2	34.246.156.173 34.246.156.173	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	2600:9000:20e... 2600:9000:20eb:800:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
215	56

41 2606:4700:10::6816:4a8a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.59.64.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.40.3ba9.ip4.static.sl-reverse.com

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-194.datapacket.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.40.36.137 (Romania)

ASN50939 (SPACE-AS, RO)
PTR: amg-news.com

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.221.168 (London, United Kingdom)

ASN15133 (EDGECAST, US)

i.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.255.14 (United States)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:2200:1:93c2:a1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

photos.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.113.181 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df1:9c00:8004:2a:7:0:f (Singapore)

ASN133882 (PARAGONINTERNETGROUP-AS-AP PARAGON INTERNET GROUP LIMITED, SG)

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8746 (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4d0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.prepperfortress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4528 (United States)

ASN13335 (CLOUDFLARENET, US)

sonsoflibertymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.6 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10006.sucuri.net

stateofthenation.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9a00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-84.fra2.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.90.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-113.fra50.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.62.227.17 (San Jose, United States)

ASN6939 (HURRICANE, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1400:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.48.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.54.133 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-54-133.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.168.187 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.67.9 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-67-9.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.156.173 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20eb:800:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	beforeitsnews.com 1 redirects beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com	772 KB
25	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	252 KB
23	bitchute.com static-3.bitchute.com	899 KB
23	youtube.com www.youtube.com img.youtube.com	1 MB
15	tradingview.com s3.tradingview.com s.tradingview.com s3-symbol-logo.tradingview.com	332 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	82 KB
10	googleapis.com fonts.googleapis.com www.googleapis.com imasdk.googleapis.com translate.googleapis.com	401 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net static.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	36 KB
6	rmbl.ws i.rmbl.ws sp.rmbl.ws	5 MB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	google.com www.google.com translate.google.com	15 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	google-analytics.com www.google-analytics.com	56 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
3	rumble.com rumble.com	31 KB
3	ytimg.com i.ytimg.com	91 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	757 B
2	lockerdome.com lockerdome.com	3 KB
2	ggpht.com yt3.ggpht.com	5 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
2	amg-news.com amg-news.com	1 MB
2	rddywd.com rddywd.com	1 KB
2	googlesyndication.com pagead2.googlesyndication.com	61 KB
1	postrelease.com jadserve.postrelease.com	428 B
1	idealmedia.io cm.idealmedia.io	556 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	218 B
1	lentainform.com cm.lentainform.com	624 B
1	google.de www.google.de	505 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	2mdn.net s0.2mdn.net	17 KB
1	stateofthenation.co stateofthenation.co	21 KB
1	sonsoflibertymedia.com sonsoflibertymedia.com	927 KB
1	prepperfortress.com www.prepperfortress.com	74 KB
1	naturalnews.com www.naturalnews.com	126 KB
1	tapnewswire.com tapnewswire.com	10 KB
1	wp.com i2.wp.com	51 KB
1	amazonaws.com s3.amazonaws.com	1 MB
1	brighteon.com photos.brighteon.com	23 KB
1	imgflip.com i.imgflip.com	39 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
215	44

	Domain	Requested by
24	beforeitsnews.com	1 redirects beforeitsnews.com ajax.cloudflare.com
23	static-3.bitchute.com	beforeitsnews.com
18	www.youtube.com	beforeitsnews.com www.youtube.com
17	img.beforeitsnews.com	beforeitsnews.com
10	s-img.mgid.com
10	s.tradingview.com	s3.tradingview.com s.tradingview.com
7	cm.mgid.com	jsc.mgid.com
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc beforeitsnews.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com beforeitsnews.com
5	x.bidswitch.net	5 redirects
5	img.youtube.com	beforeitsnews.com
4	s3-symbol-logo.tradingview.com
4	cdn.mgid.com	jsc.mgid.com
4	ajax.beforeitsnews.com	beforeitsnews.com
4	www.google-analytics.com	rumble.com www.googletagmanager.com www.google-analytics.com
4	www.gstatic.com	www.youtube.com translate.googleapis.com
4	sp.rmbl.ws	rumble.com beforeitsnews.com
4	www.google.com	www.youtube.com
3	stats.g.doubleclick.net	www.google-analytics.com lockerdome.com
3	googleads.g.doubleclick.net	1 redirects www.youtube.com
3	rumble.com	beforeitsnews.com rumble.com
3	i.ytimg.com	beforeitsnews.com www.youtube.com
2	match.adsrvr.org	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	servicer.mgid.com	jsc.mgid.com
2	jsc.mgid.com	beforeitsnews.com
2	imasdk.googleapis.com	rumble.com imasdk.googleapis.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	www.googletagmanager.com	ajax.cloudflare.com s.tradingview.com
2	i.rmbl.ws	beforeitsnews.com rumble.com
2	amg-news.com	beforeitsnews.com
2	rddywd.com	beforeitsnews.com
2	pagead2.googlesyndication.com	beforeitsnews.com srcdoc
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.g.doubleclick.net	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	jadserve.postrelease.com
1	cm.idealmedia.io
1	bidswitch-eu.splicky.com	1 redirects
1	cm.lentainform.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.google.de
1	l.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	translate.google.com	beforeitsnews.com
1	s0.2mdn.net	imasdk.googleapis.com
1	s3.tradingview.com	ajax.cloudflare.com
1	platform-api.sharethis.com	ajax.cloudflare.com
1	stateofthenation.co	beforeitsnews.com
1	sonsoflibertymedia.com	beforeitsnews.com
1	www.prepperfortress.com	beforeitsnews.com
1	www.naturalnews.com	beforeitsnews.com
1	tapnewswire.com	beforeitsnews.com
1	i2.wp.com	beforeitsnews.com
1	s3.amazonaws.com	beforeitsnews.com
1	photos.brighteon.com	beforeitsnews.com
1	i.imgflip.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	ajax.cloudflare.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
215	67

This site contains links to these domains. Also see Links.

Domain
www.herbanomic.com
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
mitocopper.com
cdisi.com
db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net
widgets.mgid.com
herbeauty.co
www.fincabayano.net
polaraidhealth.com
www.braintuner.com
telegram.org
t.me
hop.clickbank.net
tinyurl.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.rumble.com DigiCert SHA2 Secure Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
static-3.bitchute.com R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
amg-news.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
s3.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-09-30` - `2021-10-31`	a year	crt.sh
brighteon.com Amazon	`2020-08-21` - `2021-09-20`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
tapnewswire.com R3	`2021-02-23` - `2021-05-24`	3 months	crt.sh
stateofthenation.co Go Daddy Secure Certificate Authority - G2	`2020-08-07` - `2021-08-07`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.tradingview.com Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sp.rmbl.ws R3	`2021-01-20` - `2021-04-20`	3 months	crt.sh
beforeitsnews.com R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-26`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 32F6906C672E4702EE06B732EA0F4C30
Requests: 138 HTTP requests in this frame

Frame: https://rumble.com/embed/vbijwz/?pub=hw409
Frame ID: 800628FDAF0F2EC0A37F207F21C6AD91
Requests: 12 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jBVjqCxQ7kk
Frame ID: 9C9B70A9E9CEB0339CBF8BADF9BC10F8
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Frame ID: 2557B3697B81184F039A8BAEB9E24FFE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DEE64DA1EB97A29994AB6F6AC4B0B98A
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202112416
Frame ID: 4BA59C9C1E621666C424177BABD10221
Requests: 2 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202112416
Frame ID: FCAC9CAEDC83F3BDAD582A830F04AC76
Requests: 5 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 262F539401548053E08AE9B667218E73
Requests: 16 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: F5756E4D970CC5C39A0BA70D2D6B0FA5
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 810538E62E2EC66B422DE0A59FB211EC
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 5C227952C136E90499088A5EB2E6D9A8
Requests: 2 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 9D2025E42CB0ACB60C5C3E47D3EB649E
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1614185198520683954989
Frame ID: BA8D36955CBB5D389CE8502A17334D25
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: E5C6ECD26E33A2C23F205A4F9740666B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 1A5D66BA5BA661B55C6B847915697949
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/O269cn5aS0A
Frame ID: 262F5F3235EBB20B40F83C7E1CB3A2CC
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

215
Requests

100 %
HTTPS

56 %
IPv6

44
Domains

67
Subdomains

56
IPs

8
Countries

13602 kB
Transfer

19826 kB
Size

6
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomic.com/productdirectory
Title: Shopping

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: How To Easily Manifest Anything You Wish Using Quantum Physics

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/oxy-powder-natural-colon-cleanser-120-capsules/
Title: Try This And You'll Lose 15 Pounds of Extra weight in Your Colon! (VIDEO)

Search URL Search Domain Scan URL

URL: https://cdisi.com/services/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-oxygen-delivery-system/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/certified-organic-biotin/
Title: This is the Organic Biotin That Gives Beautiful Hair, Strong Nails and an Amazing Complexion!

Search URL Search Domain Scan URL

URL: https://db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net/?tid=BINRTL1
Title: SHOCKING! Scientist Reveals The Real Cause Of Weight Gain! See Video

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net/?tid=BINPTL
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/entertainment/7-beloved-movies-that-would-be-problematic-today/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-water/
Title: HNEX HydroNano EXtracellular Water - Anti-Viral, Anti-Pathogen, Anti-Bacterial - Light Years Beyond Colloidal Silver

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/mitosynergy-copper-1-advanced-formula-120-capsules/

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/
Title:

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/
Title:

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/
Title: BCX UltraDeluxe Rife Provides Versatile Frequency Therapy to Your Body Through Low Electromagnetic Energy Waves

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://herbeauty.co/fashion/12-best-and-worst-fashion-trends-of-all-time/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/6-female-tv-characters-that-deserve-their-own-spinoff/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/relationships/10-reasons-why-an-ultimatum-destroys-your-relationship/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/foodtravel/10-worst-foods-for-anxiety-and-depression/

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/vars-liposomal-glutathione-mint-burst/
Title: THIS is Why Glutathione is Called the Miracle Molecule for Health and Anti-Aging! (VIDEO)

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://hop.clickbank.net/?affiliate=5startech&vendor=totalpat&p=clt&tid=BINRTL11221
Title: FREE Invisible Night Vision Cap Light - Just Pay Shipping - Click Here For Details

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Tiny Self Defense Tool Drops a 270 Thug In 2 Seconds Flat - Get Yours While Supplies Last

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNewsGroup
Title: CHAT/CONTRIBUTE ON TELEGRAM - https://t.me/BeforeitsNewsGroup

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c
Title: Try This New Way to Control the Matrix and You'll Get Anything You Want! (VIDEO)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 183

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 185

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=f8e5b6bf-aeff-423b-ac9e-94de7e679867 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=f8e5b6bf-aeff-423b-ac9e-94de7e679867 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=f8e5b6bf-aeff-423b-ac9e-94de7e679867&gdpr=&gdpr_consent=&us_privacy=

Request Chain 186

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=e40d078f-9cd7-42f1-8e0b-88b2d5b6161e

Request Chain 188

https://x.bidswitch.net/sync?dsp_id=303&user_id=l1oCd4VXFiK8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l1oCd4VXFiK8 HTTP 302
https://jadserve.postrelease.com/suid/1011?vk=f8e5b6bf-aeff-423b-ac9e-94de7e679867

Request Chain 189

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=b8eb8194-de1b-4a4a-9c3e-bc5d5c59d49c&ttl=1616777198

Request Chain 190

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=pc04jQnREKzAo950sgwQ&pi=mgid&tc=1

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFvQ2Q0VlhGaUs4&muidn=l1oCd4VXFiK8 HTTP 302
https://cm.mgid.com/google?muidn=l1oCd4VXFiK8&google_ula={guid},5&google_gid=CAESEJsfAeSeiMpAkNkjGRxTFsQ&google_cver=1

215 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

121 KB
23 KB

638ms
616ms

Document
text/html

2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7688fdaa8d81f75b756dc28573cb3ae1259bc5d0b4cdeaebae1c7eb6adaf2177

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d981aefa898457636b8aa49c5c13895e71614185195; expires=Fri, 26-Mar-21 16:46:35 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s3; path=/ __cflb=04dToerZmTfQcfwEHt8ULGdndf17BZ3yZ6yfkgHWpw; SameSite=Lax; path=/; expires=Wed, 24-Feb-21 19:04:36 GMT; HttpOnly
cf-ray: 626aa9e1b9444a5c-FRA
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
cf-request-id: 087688811800004a5c2e85a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Wed, 24 Feb 2021 16:46:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 24 Feb 2021 17:46:35 GMT
Location: https://beforeitsnews.com/
cf-request-id: 08768880f000002c3aba885000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 626aa9e18bf42c3a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 19ms
17ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 721548
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3294CE57C1BECB73
x-amz-id-2: IlYGlurCQhsr8ULw52Ie9eVGsIk4yQtsu/qQkjz4JTbo6nkcmSmbMTgByvawinkd1yJpr4QNKYs=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"165501590067c5189e81c831f77f81ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tjjN.jFT95DY_pkhk6.cTP9tpZK602Ny
cf-request-id: 087688838a00004a5c8398c000000001
cf-ray: 626aa9e5aff24a5c-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
712 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 16:46:36 GMT
server: ESF
date: Wed, 24 Feb 2021 16:46:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Feb 2021 16:46:36 GMT

GET
H2 200 global-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 15 KB
3 KB 26ms
25ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435644
cf-polished: origSize=15665
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087688838f00004a5c29b13000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-3d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 626aa9e5b8064a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:51 GMT

GET
H2 200 fancybox-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435644
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087688838f00004a5c5f971000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 626aa9e5b8084a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:51 GMT

GET
H2 200 home-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 28 KB
6 KB 26ms
25ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435644
cf-polished: origSize=29022
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087688838f00004a5c5d1af000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-715e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 626aa9e5b8094a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 responsive-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 20 KB
3 KB 28ms
28ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

310eaeee814d79e97a48c1859c4d0187ffc24b92fec8f2b7a190b56448f776d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435644
cf-polished: origSize=20488
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087688838f00004a5c71886000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-5008"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 626aa9e5b80b4a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 41ms
26ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 580777
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
cf-request-id: 08768883af00004a5c0f32f000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 23:26:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e5e84f4a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 36ms
21ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 587464
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
cf-request-id: 08768883b000004a5c64bc4000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 21:35:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e5e8544a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
228 B 35ms
22ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1000237
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
cf-request-id: 08768883af00004a5c26347000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 13 Feb 2022 02:55:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e5e8514a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/SLdYTMUUr0A/ 16 KB
16 KB 41ms
17ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/SLdYTMUUr0A/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

531fbda844b990069641d226e2dfd9757dac3f59118077a96b1775ceb882be69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16495
x-xss-protection: 0
expires: Wed, 24 Feb 2021 18:46:36 GMT

GET
H2 200 scientist_reveals_real.jpg
img.beforeitsnews.com/img/banner2020/ 45 KB
46 KB 41ms
28ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 583518
cf-polished: origFmt=jpeg, origSize=55516
content-disposition: inline; filename="scientist_reveals_real.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46020
cf-request-id: 08768883af00004a5c3cad2000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-d8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:41:18 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e5e8534a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 emigrate2.jpeg
img.beforeitsnews.com/img/banner2020/ 55 KB
55 KB 45ms
33ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/emigrate2.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3864179
cf-polished: origSize=56198, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55905
cf-request-id: 08768883b000004a5c62260000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-db86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e5e8554a5c-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 polaraidhealth.jpeg
img.beforeitsnews.com/img/banner2020/ 45 KB
46 KB 33ms
22ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/polaraidhealth.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3864179
cf-polished: origSize=46655, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46365
cf-request-id: 08768883af00004a5c4d115000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-b63f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e5e84d4a5c-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 BCX_Rife350x290.jpg
img.beforeitsnews.com/img/banner2020/ 36 KB
36 KB 23ms
16ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/BCX_Rife350x290.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 721660
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36512
cf-request-id: 08768883ce00004a5c2e88a000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 08:18:56 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e618974a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 31ms
11ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 08768883b900002fa5a191f000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fAhY6TJ%2Bd7298mcjJNwJGVCWfqVq9mv1JSKSFiWRN9pYjBstfd8gu1AJyKtEOuochYOXsHUQoWRxX3lwdgx%2B6gyr%2BpWREFi3ywqijo2wmZX3F%2F1qSOkKmAeh4BlOihMz"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 626aa9e5fd432fa5-FRA
expires: Fri, 26 Feb 2021 16:46:36 GMT

GET
H2 200 Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 22ms
20ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 4506183
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BS7S1H3H1K4GBQ7P
x-amz-id-2: QjApP71jKYVGRAdkz9Q9P6OqBxHUujj3Ssfx891KJE0sEVGRFVTs3J5cx2ZDaBvfdzUqDnivfaM=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"93a3e7d84b15a0c8a8a9e4e6c8779aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3R09nKFA1fkBWMCXCpPvkqre3wT0snqV
cf-request-id: 08768883a800004a5c3612c000000001
cf-ray: 626aa9e5d8394a5c-FRA

GET
H2 200 / Show response
rumble.com/embed/vbijwz/ Frame 8006 16 KB
7 KB 344ms
118ms Document
text/html 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vbijwz/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.40.3ba9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

f1af6992bebea78e3ed86b82b5952b3c0f6aa5b7d0a8b5c7edfdc83032953b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

:method: GET
:authority: rumble.com
:scheme: https
:path: /embed/vbijwz/?pub=hw409
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

server: nginx
date: Wed, 24 Feb 2021 16:46:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/ve4q33-exposing-the-plot-to-sow-more-discord-in-the-us-via-communisms-favorite-tac.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
H2 200 jBVjqCxQ7kk Show response
www.youtube.com/embed/ Frame 9C9B 51 KB
22 KB 77ms
54ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jBVjqCxQ7kk

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

335c54cc3c06869d75477e3af6d28cfa51b12518427a8880df2bab38ee4983f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jBVjqCxQ7kk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Feb 2021 16:46:36 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=NsExo3b-ATk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=2pQNWmGMKGk; Domain=.youtube.com; Expires=Mon, 23-Aug-2021 16:46:36 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+770; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeec769c5ce874a4f0f37d7b3790ad205a78dc635701ecc968b0eb82d429aaf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 49781
x-xss-protection: 0
server: cafe
etag: 3942574966862058441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Feb 2021 16:46:36 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
630 B 36ms
19ms Script
application/javascript 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 38090
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OsCA5M59iz9W0tqUwq4ipzBeoKafz5LhUDxZuIJda1nlqn256iBNlfJW6qb6H%2BKIgcOxJUPFFv175SLwBBJrSx62eFH47QGXyjZqnUESr9ixtYWTlgtG"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 626aa9e609004de2-FRA
content-length: 9
cf-request-id: 08768883c100004de254867000000001

GET
H2 200 adcode.png
rddywd.com/ 43 B
679 B 30ms
12ms Image
image/gif 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 30531
content-length: 43
cf-request-id: 08768883d500004eaa6705c000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=05X9%2BUUdJ4eWETpq1ldQdJKiSpKBbWDEaxKM9QL8f8vB5TM5SVngcSlbh83UyC8pJU2MV3fNQv1c9yC19kOrM2EoHRcGqeI2QvUi9zTxClJmICGKEn7K"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 626aa9e62ecd4eaa-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 14ms
5ms Image
text/plain 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
307 B 23ms
23ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 582684
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
cf-request-id: 08768883b000004a5c1e006000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:55:12 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 626aa9e5e8564a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
869 B 22ms
22ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 582640
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
cf-request-id: 08768883b400004a5c139d7000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:55:56 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 626aa9e5e85c4a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 25ms
25ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1827692
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
cf-request-id: 08768883b600004a5c650a6000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 626aa9e5f85f4a5c-FRA
expires: Thu, 03 Feb 2022 13:05:04 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 25ms
25ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1827677
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
cf-request-id: 08768883b700004a5c79383000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 626aa9e5f8604a5c-FRA
expires: Thu, 03 Feb 2022 13:05:19 GMT

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
2 KB 23ms
23ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 582798
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
cf-request-id: 08768883b800004a5c3612d000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:53:18 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 626aa9e5f8654a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/ 13 KB
13 KB 7ms
6ms Font
font/woff 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 17:19:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:06 GMT
server: sffe
age: 84447
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13064
x-xss-protection: 0
expires: Wed, 23 Feb 2022 17:19:09 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:15:51 GMT
server: sffe
age: 507883
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9028
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:53 GMT

GET
H2 200 LzGJrMpJd2tx_320x180.jpg
static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/ 12 KB
13 KB 184ms
82ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/LzGJrMpJd2tx_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

166e396d12dd4c415a84ba649eb91a9acd09a8fcb5118888a298bd4e99a6fcf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000002d490ceb-0060366274-43b5652-nyc3a
cdn-cachedat: 2021-02-24 15:28:04
cdn-pullzone: 89010
content-length: 12687
last-modified: Wed, 24 Feb 2021 14:18:06 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 2db34a160d8399c67e312275e4708132
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 ZdmtTS59uV4e_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 42 KB
42 KB 184ms
83ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ZdmtTS59uV4e_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

1a72393df76837bc2b702add5542f91eb64da3c28779fa30aa52cf5b69bcbf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-02-24 02:42:19
cdn-pullzone: 89010
content-length: 42980
x-amz-request-id: tx000000000000016ab35b3-006035aefb-46b98f5-nyc3a
last-modified: Wed, 24 Feb 2021 01:33:20 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: a15275925effc54e2ed6f6ba3c9dfed6
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 dumb-1.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 22 KB
22 KB 28ms
20ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/dumb-1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee00d65fd381aebe346da42bfd55169ea32a5a7cc98e50af6e6b7b95a1280093

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 58467
cf-polished: origSize=24313, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22079
cf-request-id: 087688841e00004a5c159fb000000001
last-modified: Wed, 24 Feb 2021 00:11:22 GMT
server: cloudflare
etag: "603599aa-5ef9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 24 Feb 2022 00:32:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e699674a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 inscAtDhYN4HZtnFuBqDG6xg_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 44 KB
44 KB 184ms
83ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/inscAtDhYN4HZtnFuBqDG6xg_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

7187ff1c53713a374a7946b2fc1683da10f623719082dba6d36f150e326527f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-22 19:26:11
cdn-pullzone: 89010
content-length: 44706
x-amz-request-id: tx00000000000002c11c268-006033f743-43b5652-nyc3a
last-modified: Mon, 22 Feb 2021 18:09:10 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 569830650d1e7cec9b95e75b72e5c3e2
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 coperta-1-960x628.png
amg-news.com/wp-content/uploads/2021/02/ 638 KB
639 KB 238ms
73ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/02/coperta-1-960x628.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS: amg-news.com
Software: LiteSpeed /
Resource Hash: 7c05d87cddac82dccccaca711709ec9a878f42fe40864ae4b83f37207bb9356e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
last-modified: Tue, 23 Feb 2021 14:36:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 653446
expires: Wed, 03 Mar 2021 16:46:36 GMT

GET
H2 200 bknfb.qR4e-small-Juan-O-Savin-talks-about-my.jpg
i.rmbl.ws/s8/1/b/k/n/f/ 369 KB
369 KB 118ms
28ms Image
image/jpeg 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.rmbl.ws/s8/1/b/k/n/f/bknfb.qR4e-small-Juan-O-Savin-talks-about-my.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D5C) /
Resource Hash: ad13b47e151dbc7cd32bf357d0c385505f6b81c67cc1f3c278b12db44dd1b233

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
last-modified: Thu, 22 Oct 2020 01:41:17 GMT
server: ECAcc (lha/8D5C)
age: 209780
etag: "3856940719"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 377927
expires: Thu, 24 Feb 2022 16:46:36 GMT

GET
H2 200 7XN8kscHQ5ny_640x360.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 33 KB
34 KB 183ms
83ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/7XN8kscHQ5ny_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

2f2868b362c8f717970704fde3e942572f08afe1f3104b40f755701cc173322f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-24 16:13:00
cdn-pullzone: 89010
content-length: 33877
x-amz-request-id: tx00000000000002d4e5d4f-0060366cfc-43b5652-nyc3a
last-modified: Wed, 24 Feb 2021 14:53:19 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 7012058b221a1a2f5cff77f49b714bc2
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 movKGaUmyn9KEp8RShq1W7OT_640x360.jpg
static-3.bitchute.com/live/cover_images/oACWZBJypqWf/ 33 KB
34 KB 183ms
83ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oACWZBJypqWf/movKGaUmyn9KEp8RShq1W7OT_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

2b89e2b69d2268c476b9c82c84b87893d62791116a1f79b84806951b9ae55532

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-24 15:09:15
cdn-pullzone: 89010
content-length: 34252
x-amz-request-id: tx00000000000002d46e92a-0060365e0b-43b5652-nyc3a
last-modified: Wed, 24 Feb 2021 14:00:07 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: c5154f6fbaee6eb09d8693f1bfcd8c79
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 gVGo280cxvX2r4axcTOSQHQe_640x360.jpg
static-3.bitchute.com/live/cover_images/BFwpmlvkLsJY/ 23 KB
23 KB 183ms
83ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/BFwpmlvkLsJY/gVGo280cxvX2r4axcTOSQHQe_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

ff90a7645bd6b34292930e3c5e85313feabe1b2a40783b58d09fa238fd05d702

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000000ce170dc-00601fb39b-46b98f5-nyc3a
cdn-cachedat: 2021-02-07 10:32:11
cdn-pullzone: 89010
content-length: 23399
last-modified: Sun, 07 Feb 2021 09:18:24 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 1e987bae9a4c786d734abd23030e8893
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 GIbILFHZpS7X_640x360.jpg
static-3.bitchute.com/live/cover_images/44tlv2gckwoL/ 34 KB
34 KB 84ms
81ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/44tlv2gckwoL/GIbILFHZpS7X_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

3a5ab2d2ac9994e326a1fc12731158871a83dafea68f5e09d599c1fdfb179366

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000022370dcd-00601d7002-43b5652-nyc3a
cdn-cachedat: 2021-02-05 17:19:15
cdn-pullzone: 89010
content-length: 34672
last-modified: Fri, 05 Feb 2021 16:08:31 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 4150a7432165e8727f41c9fdd432a79a
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 Virus.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 69 KB
70 KB 27ms
21ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/Virus.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

546f51b3ea22ede0d5ed26f7686f15bdbd300c066497554511de916b813437ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1542705
cf-polished: origSize=83836, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70993
cf-request-id: 087688841e00004a5c09957000000001
last-modified: Tue, 28 Jan 2020 00:57:08 GMT
server: cloudflare
etag: "5e2f86e4-1477c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 06 Feb 2022 20:14:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e699684a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5N6Ugw0CuVkc_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 72 KB
73 KB 84ms
81ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/5N6Ugw0CuVkc_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

1d5b29d858d79d8bf60f8e542a3bb69472f5c9a1c93193a7a4d5e5a50e2e35c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-02-20 06:16:20
cdn-pullzone: 89010
content-length: 74179
x-amz-request-id: tx00000000000002a9dd906-0060309b23-43b5652-nyc3a
last-modified: Sat, 20 Feb 2021 04:47:58 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 03198525be3bc0c1757a2c80a89025a1
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 Rdf1ef39bf86cf38b6579e4466cb92306(2).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 29 KB
29 KB 26ms
24ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Rdf1ef39bf86cf38b6579e4466cb92306(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1d8730347537478b70a1be17394e1ef0bdffce6ba082c43eafd663b378d9834

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 346067
cf-polished: origSize=33003, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29478
cf-request-id: 087688842e00004a5c159fc000000001
last-modified: Sat, 20 Feb 2021 16:21:01 GMT
server: cloudflare
etag: "603136ed-80eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 20 Feb 2022 16:38:49 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e6a9944a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 4z5qg2.jpg
i.imgflip.com/ 39 KB
39 KB 123ms
72ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4z5qg2.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 555b00b8ddcfc2b475efedffa5d833138f6bb25cb7323c12b769085c56c51562

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cf-cache-status: HIT
age: 86036
cf-polished: origSize=40271
cf-ray: 626aa9e70aef6966-CDG
content-length: 39548
x-amz-id-2: jNNeXznkYd7LUmpadRD1AnCMP0tt8a1nzaUxZeehUk+US/Ax7VPokXNXjGR7knJXxcogm6BFZDY=
last-modified: Tue, 23 Feb 2021 16:48:34 GMT
server: cloudflare
etag: "1ffba9de84f02cd2896d5f04759db0c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: D7D8628370786D07
access-control-allow-origin: *
expires: Sat, 22 Feb 2031 16:46:36 GMT
cache-control: public, max-age=315360000
cf-request-id: 0876888467000069668dbb0000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 4S0SCY1E2kwE_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ 32 KB
32 KB 161ms
83ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/4S0SCY1E2kwE_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

3dc12a8b4eec98ace895bdda9f4e63c8e20814a9e6376d8b40fd62132aa75b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-21 17:00:07
cdn-pullzone: 89010
content-length: 32348
x-amz-request-id: tx00000000000002b3bf499-0060328387-43ba6e0-nyc3a
last-modified: Sun, 21 Feb 2021 15:13:42 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 8c42977e9e6d418ec83f16f7c393a80f
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/GK9_OwUkI2E/ 16 KB
16 KB 41ms
19ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/GK9_OwUkI2E/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfa30bef858d9b58704aa4d687d08f6dad4cfedd474dd7ad3cf042fba9cc80f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1614183119"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16253
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:51:36 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/-KTuvbfnndI/ 42 KB
43 KB 31ms
9ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/-KTuvbfnndI/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2ada347f334458423613906d356ed02a1ea4a9a09ce31fc697ef9d0520d45d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:42:51 GMT
x-content-type-options: nosniff
server: sffe
age: 225
etag: "1614036503"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43317
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:47:51 GMT

GET
H2 200 YfyTOhbsY7FP_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 90 KB
90 KB 137ms
59ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/YfyTOhbsY7FP_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

b6b54686d73941246bd7d98dbc2b4424addbd03ad27a4760e3ee8a6b9224fb6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000002bacc751-0060330989-43b55da-nyc3a
cdn-cachedat: 2021-02-22 02:31:53
cdn-pullzone: 89010
content-length: 91950
last-modified: Mon, 22 Feb 2021 01:15:30 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: dc8b5420fb12442ad4563d388cb342fd
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 medical_logo_188822.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 21 KB
21 KB 20ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/medical_logo_188822.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a7166a9bf611075509f6daab98e6c808afc3316c14f4bfe1459b5bea17aca24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 512102
cf-polished: origSize=21966, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21582
cf-request-id: 087688842e00004a5c09958000000001
last-modified: Sun, 27 Aug 2017 13:03:13 GMT
server: cloudflare
etag: "59a2c311-55ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 18 Feb 2022 18:31:34 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e6a9934a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 0-2-960x559.png
amg-news.com/wp-content/uploads/2021/02/ 751 KB
751 KB 380ms
237ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/02/0-2-960x559.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS: amg-news.com
Software: LiteSpeed /
Resource Hash: 163cc5bd0a3f3045ee6d4f046ad35361f6a74f4a00710349ca53a224ac7b3909

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
last-modified: Wed, 17 Feb 2021 16:35:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 768755
expires: Wed, 03 Mar 2021 16:46:36 GMT

GET
H2 200 XQN9pOwj5BOu_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ 41 KB
41 KB 84ms
82ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/XQN9pOwj5BOu_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

0af85a939e010845e33931d9f23248b90f7158f46e78a07292d3c0f71665c650

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000002ccba3aa-006035519b-43b55da-nyc3a
cdn-cachedat: 2021-02-23 20:03:55
cdn-pullzone: 89010
content-length: 41815
last-modified: Tue, 23 Feb 2021 18:53:49 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 8f5422c27dc2e4db04ffadf332f845ad
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 SK7AaTXLiXvmSlenKHUOwy9u_640x360.jpg
static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/ 38 KB
38 KB 84ms
81ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/SK7AaTXLiXvmSlenKHUOwy9u_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

00bd120743d2d1b5e52bc521a46b32395921257bc015fb7a8d300ca0d0751f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000002ac0431e-006030f905-43b5652-nyc3a
cdn-cachedat: 2021-02-20 12:56:54
cdn-pullzone: 89010
content-length: 38435
last-modified: Sat, 20 Feb 2021 11:55:41 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 400d9fa3a4bc7cb331b30ee686fe1660
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 b82aed22-195c-4e12-9e4c-89ef896c0c26
photos.brighteon.com/thumbnail/ 23 KB
23 KB 50ms
8ms Image
image/jpeg 2600:9000:20eb:2200:1:93c2:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.brighteon.com/thumbnail/b82aed22-195c-4e12-9e4c-89ef896c0c26
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2200:1:93c2:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f11c3a7fda6b6d55cf83558eb3d0b306805b66710368c3a86e6c01a1f2088dd

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:21:18 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 10:51:09 GMT
server: AmazonS3
age: 105919
etag: "ffce8713a36a65e5b5447efe24bf2147"
x-cache: Hit from cloudfront
x-amz-meta-optimized: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 23253
x-amz-cf-id: ANS545rDEU8LeOwIyv2rwDgRFOgfxaPAu63KvqyvP6vK1-3LfuL8Zg==

GET
H2 200 OIP(78).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 19 KB
19 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP(78).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d704fd8e2edeac94ec7ddd4f4860ba4ab87ba17bd09a8b1e978479ca1958142c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 73693
cf-polished: origSize=20700, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19220
cf-request-id: 087688843500004a5c519cb000000001
last-modified: Tue, 23 Feb 2021 20:08:06 GMT
server: cloudflare
etag: "603560a6-50dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 23 Feb 2022 20:18:23 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e6b9a54a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 R4b8c7d89ccefbb98be77495423f9847e.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 37 KB
38 KB 21ms
21ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R4b8c7d89ccefbb98be77495423f9847e.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c8d438cc5497d8883e104b03fa6239e85a5ed5d32831b2e76fcea850e096d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49426
cf-polished: origSize=39815, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38087
cf-request-id: 087688844800004a5c39b51000000001
last-modified: Wed, 24 Feb 2021 02:23:57 GMT
server: cloudflare
etag: "6035b8bd-9b87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 24 Feb 2022 03:02:50 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e6d9d44a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/2-6y4OemBGk/ 27 KB
27 KB 37ms
22ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2-6y4OemBGk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

855839438132396c37a8a9a8cdcaf9a719ff41c0e31e77aed0bb95c0994d8d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:21 GMT
x-content-type-options: nosniff
server: sffe
age: 15
etag: "1614105350"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27332
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:51:21 GMT

GET
H2 200 EHmzNDeQKD1F_640x360.jpg
static-3.bitchute.com/live/cover_images/8LyqCWp3SSH4/ 36 KB
37 KB 84ms
81ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/8LyqCWp3SSH4/EHmzNDeQKD1F_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

b71e0b91bb78f2581919fa841f0f95eb16a779634c19252e98f83f85af27bb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000002cc2fc61-006035a063-43ba6e0-nyc3a
cdn-cachedat: 2021-02-24 01:40:03
cdn-pullzone: 89010
content-length: 36921
last-modified: Wed, 24 Feb 2021 00:13:12 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 019f0c30ac3a979ee9cc8de7bbf1fb63
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 6eee6d36-a059-4b8a-81a1-80cbf6df49ab
s3.amazonaws.com/webseed-realvideo-thumbnail/poster/ 1 MB
1 MB 441ms
131ms Image
image/png 52.216.113.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/poster/6eee6d36-a059-4b8a-81a1-80cbf6df49ab
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.113.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 44d099bcfc89d6a5da7095c2a72d759ea5db764faa80a350dad3f78b6d12da82

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:46:37 GMT
Last-Modified: Mon, 11 Jan 2021 18:03:27 GMT
Server: AmazonS3
x-amz-request-id: 8322F7CD91439E6F
ETag: "a83b0de281890d95712ec5506a4b7593"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1216662
x-amz-id-2: IGq7LlP63fwN8oFgySLdV9NQl6QZgELGceB0M0f0GtE93uRMciR/VKH0ouXeNc0b07Bf+wHwfz8=

GET
H2 200 Screenshot-2021-02-21-103356.png
i2.wp.com/www.ournewearthnews.com/wp-content/uploads/2021/02/ 51 KB
51 KB 108ms
47ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.ournewearthnews.com/wp-content/uploads/2021/02/Screenshot-2021-02-21-103356.png?resize=534%2C462&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

430857e4c3a61ea68b708541af331adcdfbeb47d94c56b1487b243f7c2f05848

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 24 Feb 2021 16:46:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 22:18:43 GMT
server: nginx
etag: "0fbdb9563ad5a2c7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.ournewearthnews.com/wp-content/uploads/2021/02/Screenshot-2021-02-21-103356.png>; rel="canonical"
content-length: 51712
expires: Wed, 22 Feb 2023 10:18:43 GMT

GET
H2 200 PjDKM4N15UZ7D1lEtC9FTJoX_640x360.jpg
static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/ 15 KB
16 KB 85ms
82ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/PjDKM4N15UZ7D1lEtC9FTJoX_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

d7fee305e00cdf2564b19f2ce784e9b7ea43e2f0d31b974f2a3573b1b72ffca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-01-18 17:36:04
cdn-pullzone: 89010
content-length: 15518
x-amz-request-id: tx000000000000017191a9a-006005b8f4-43ba6e0-nyc3a
last-modified: Mon, 18 Jan 2021 15:48:22 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 91c9fd5bab50673d980f0ac7ee410f98
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 pDJES5hbx9chcssNhWHywb1c_640x360.jpg
static-3.bitchute.com/live/cover_images/Iw2kiviwZpwx/ 32 KB
32 KB 84ms
82ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Iw2kiviwZpwx/pDJES5hbx9chcssNhWHywb1c_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

13655234862e0339fa87683ae573f895aaa9b6ecc523598cb958266df216ca1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-23 20:45:18
cdn-pullzone: 89010
content-length: 32556
x-amz-request-id: tx00000000000002cd135e4-0060355b4e-43b55da-nyc3a
last-modified: Tue, 23 Feb 2021 19:23:57 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 446e4891cd5df0ca2f6fd01a6484af6b
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 Aye8aaqCp6Zq_640x360.jpg
static-3.bitchute.com/live/cover_images/sJFDQtjzuuwx/ 25 KB
26 KB 84ms
82ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/sJFDQtjzuuwx/Aye8aaqCp6Zq_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

9fb0649aa8a3c34cc59cb47e2ce5637d966466799e24003960939dbb679a2c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000002c2d0dcf-00603425c6-43b5652-nyc3a
cdn-cachedat: 2021-02-22 22:44:38
cdn-pullzone: 89010
content-length: 25868
last-modified: Mon, 22 Feb 2021 21:30:09 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: e526a38cee1b7af830ccfe951a174c6d
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 oB1bj6nFo9OI_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ 34 KB
35 KB 84ms
81ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/oB1bj6nFo9OI_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

f061dc83eff4c743eb76435eb70639887dad14cbe118413a40ba68e6e3be1890

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 722
x-amz-request-id: tx00000000000002cffd6d2-006035bb96-43b55da-nyc3a
cdn-cachedat: 2021-02-24 03:36:06
cdn-pullzone: 89010
content-length: 34850
last-modified: Wed, 24 Feb 2021 02:29:49 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 3d728efc18600f3c286a5979a168d7a9
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 iP982uxquR3u_640x360.jpg
static-3.bitchute.com/live/cover_images/AMhoJpc4Zf2T/ 25 KB
25 KB 85ms
82ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/AMhoJpc4Zf2T/iP982uxquR3u_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

bb7e9dcf46c3e28648a9eefe825726629633a1ca87f1a040c310dc3a28ea6cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx000000000000029b2d392-00602e8989-43b55da-nyc3a
cdn-cachedat: 2021-02-18 16:36:41
cdn-pullzone: 89010
content-length: 25331
last-modified: Thu, 18 Feb 2021 01:30:20 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: d3ce10e90ee8d9da23407d9d5bd67dcd
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 TGYjMdjXBZMS5Z2ikqaP8qm9_640x360.jpg
static-3.bitchute.com/live/cover_images/zWqrqKTLkhqW/ 49 KB
50 KB 84ms
82ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/zWqrqKTLkhqW/TGYjMdjXBZMS5Z2ikqaP8qm9_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

31bccc1e52668851772575bba97c54090590711338ceb213fbbb39b7678e11f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-24 02:55:00
cdn-pullzone: 89010
content-length: 50585
x-amz-request-id: tx000000000000016ac98a5-006035b1f4-46b98f5-nyc3a
last-modified: Wed, 24 Feb 2021 01:29:42 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 3cb7a7e6d3d803767a566fb779f4d7d2
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 the-simpsons-donald-trump-episode.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 56 KB
56 KB 36ms
35ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/the-simpsons-donald-trump-episode.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e43b041053963b1017d88e4460ec61019b53858148212bbae6620b42207d088e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 68827
cf-polished: origFmt=jpeg, origSize=78495
content-disposition: inline; filename="the-simpsons-donald-trump-episode.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57512
cf-request-id: 087688846300004a5c519ce000000001
last-modified: Tue, 25 Aug 2020 20:19:25 GMT
server: cloudflare
etag: "5f45724d-1329f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 23 Feb 2022 21:39:29 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e6fa014a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/BVs5x8rp2Q8/ 8 KB
8 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BVs5x8rp2Q8/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b148eae8f79297bd0c52cc41bca3d296bf903129417be6e0552917f76a101125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:16:44 GMT
x-content-type-options: nosniff
server: sffe
age: 1792
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8597
x-xss-protection: 0
expires: Wed, 24 Feb 2021 18:16:44 GMT

GET
H/1.1 200
OK GettyImages-1230530059-768x432-1-300x169.jpg
tapnewswire.com/wp-content/uploads/2021/02/ 9 KB
10 KB 731ms
249ms Image
image/jpeg 2001:df1:9c00:8004:2a:7:0:f
PARAGONINTERNETGR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/02/GettyImages-1230530059-768x432-1-300x169.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:df1:9c00:8004:2a:7:0:f , Singapore, ASN133882 (PARAGONINTERNETGROUP-AS-AP PARAGON INTERNET GROUP LIMITED, SG),
Reverse DNS
Software: nginx /
Resource Hash: bcac8e070cef88482efa6b9e8ce07f9bee07000a6002a0d70e264f08ae325c48

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:46:38 GMT
Last-Modified: Wed, 24 Feb 2021 12:34:27 GMT
Server: nginx
ETag: "603647d3-259b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9627

GET
H2 200 OIP%20(23)(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
16 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(23)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c27b51fbe75ac10fa50e1d74506eb92c2ba81014abeee79042db03ed06a64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 698681
cf-polished: origSize=16900, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15731
cf-request-id: 08768884db00004a5c839a0000000001
last-modified: Tue, 16 Feb 2021 14:29:14 GMT
server: cloudflare
etag: "602bd6ba-4204"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 14:41:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e7cb4c4a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 YOEf4SrxQut6_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 62 KB
63 KB 52ms
51ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/YOEf4SrxQut6_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

7da761b03d01e70b429f611776670b9201d942249a07b3614048667da1ecb9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-23 03:46:43
cdn-pullzone: 89010
content-length: 63564
x-amz-request-id: tx00000000000002c284d27-0060346c93-43ba6e0-nyc3a
last-modified: Tue, 23 Feb 2021 02:41:01 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 7a031d3c016d89af5e367f8bddd05af6
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/p-h37t1vU_s/ 10 KB
10 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/p-h37t1vU_s/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

121cb1fb120cf0c70971e0f5640cb14c17312a8ab0a107ad2630c2a8215c1037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10320
x-xss-protection: 0
expires: Wed, 24 Feb 2021 18:46:36 GMT

GET
H2 200 Science-Medical-Testing-Vaccine-Microscope.jpg
www.naturalnews.com/wp-content/uploads/sites/91/2021/02/ 126 KB
126 KB 42ms
19ms Image
image/jpeg 2606:4700::6810:8746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalnews.com/wp-content/uploads/sites/91/2021/02/Science-Medical-Testing-Vaccine-Microscope.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c89451724551f4cef5a5cb28a911708fc515628d67d00e5722e81dd954f9e947

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cf-cache-status: HIT
age: 10
x-powered-by: ASP.NET
last-modified: Wed, 24 Feb 2021 08:25:14 GMT
content-length: 128559
cf-request-id: 08768884fd00004e8be5b4e000000001
cf-bgj: h2pri
server: cloudflare
etag: "d0983a9386ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 626aa9e7f8a74e8b-FRA
expires: Wed, 24 Feb 2021 16:47:36 GMT

GET
H2 200 images-11.jpg
www.prepperfortress.com/wp-content/uploads/2015/06/ 74 KB
74 KB 42ms
14ms Image
image/jpeg 2606:4700:3030::6815:4d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prepperfortress.com/wp-content/uploads/2015/06/images-11.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea244e36aaf57e1b5e4273993ff5d429fa701fd1b4656503d24ab8d508906166

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2719
content-length: 75391
cf-request-id: 087688850800004e7f8215b000000001
last-modified: Thu, 25 Jun 2015 13:34:18 GMT
server: cloudflare
etag: "1267f-51957ae240a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1c2TvqQcNrlIpEiESoHNZdLi%2Bxkk6BrTAjl1YkRoCEBb1tnmYbde49SMiOzxvA52Rlr9%2FMCqtTlNwpG4CE0fCx8k6F8L%2F3eBciKdCfA88ZUS85zTEsT6SvTX4LyHJeRc95VQxw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 626aa9e80e914e7f-FRA

GET
H2 200 rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 42 KB
43 KB 65ms
65ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/rxKDvPKomHZCesaDf6LeW1jC_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-01-26 13:45:38
cdn-pullzone: 89010
content-length: 43209
x-amz-request-id: tx00000000000001c3068ef-0060100ef2-43b5652-nyc3a
last-modified: Tue, 26 Jan 2021 11:28:15 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: f0167404bb0f0712fa30a1e66fbda156
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 3ieQDEL7orqb_640x360.jpg
static-3.bitchute.com/live/cover_images/hSiUinUJE4LJ/ 17 KB
17 KB 66ms
66ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/hSiUinUJE4LJ/3ieQDEL7orqb_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

abc7d329823f6916679b9cf735e8d9dcade4ec3faf23ed2369af10426c77b21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000001f8b6d72-0060179a4b-43ba6e0-nyc3a
cdn-cachedat: 2021-02-01 07:06:03
cdn-pullzone: 89010
content-length: 16941
last-modified: Mon, 01 Feb 2021 05:40:43 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: c8391154dc851aeb86b3a2302a04c6ae
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 FZGmMjEqhCL9YtLDohoHi5kh_640x360.jpg
static-3.bitchute.com/live/cover_images/pqlCrTAephy6/ 57 KB
58 KB 67ms
67ms Image
image/jpeg 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/pqlCrTAephy6/FZGmMjEqhCL9YtLDohoHi5kh_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

46f4d1fafb3f328d86228b7ee6a297ded8c91a7966e2e9af7b589fd599619645

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-24 00:56:03
cdn-pullzone: 89010
content-length: 58579
x-amz-request-id: tx00000000000002ce98b2a-0060359613-43b5652-nyc3a
last-modified: Tue, 23 Feb 2021 23:55:35 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 0e9b6553f3a417891bb0cd8819904b2e
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 868987f3dd50f8d2ad1b88f292f80750.png
sonsoflibertymedia.com/wp-content/uploads/2021/02/ 925 KB
927 KB 53ms
26ms Image
image/png 2606:4700:20::ac43:4528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonsoflibertymedia.com/wp-content/uploads/2021/02/868987f3dd50f8d2ad1b88f292f80750.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d17b23bd085ec78f7c0b3b32343d0326e59a88f523931d3af6d2c95fbb92bf1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 100452
x-fw-server: Flywheel/4.1.0
x-cache: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VeLWBunnd9GCCPt2abeSy0Au%2FEIjY1UtqeElanMyA1SbPjLfJ2F3Lcigs4pOKM4TsFwcYuKoZfcpY0kzmG%2BCBhkKCKIJSKb36ZAkyWDyC%2B62OSV3bs4YR6zcmm3w6GjBV7%2BA"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 946913
cf-request-id: 0876888512000005ed1e224000000001
magicmarker: 1
last-modified: Fri, 05 Feb 2021 15:01:20 GMT
server: cloudflare
etag: "601d5dc0-e72e1"
x-fw-hash: soth990flu
nel: {"max_age":604800,"report_to":"cf-nel"}
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-fw-serve: TRUE
x-fw-type: VISIT
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 626aa9e81fac05ed-FRA

GET
H2 200 OIP%20(25)(6).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
15 KB 21ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(25)(6).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d14382d0bc86ecb1eccae9e8ed903432986d6e8d572f16fe1b0903717a5e5e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 136717
cf-polished: origSize=16770, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15414
cf-request-id: 08768884fd00004a5c2120e000000001
last-modified: Tue, 23 Feb 2021 02:28:49 GMT
server: cloudflare
etag: "60346861-4182"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 23 Feb 2022 02:47:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9e7fb944a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 deathstarcoronavirusisrael.jpg
stateofthenation.co/wp-content/uploads/2021/02/ 21 KB
21 KB 106ms
28ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateofthenation.co/wp-content/uploads/2021/02/deathstarcoronavirusisrael.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

8793b92fe6f13e00f4d813ccf11376c4ef447b4e03ef32b5d67ebd0ee3eb1566

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 12:39:19 GMT
server: nginx
etag: "48105b-548f-5bc1452e34870"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 13006
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 21647
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 100 KB
32 KB 96ms
26ms Script
text/javascript 2600:9000:2156:9a00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9a00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 414d8b428bdb05db9e520b23c7855cb14d5eee21007b4492d7f151f46ffd0f3a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:44:32 GMT
content-encoding: gzip
age: 124
etag: W/"1911a-/9PKm40I201/anLlzkWA79nhAcc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZuIWlh9VqfWcyxYR4o4Y74VSUcn-2Q9vV-z8U7yFe-DAAEobKeF3jw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46357998cd37e18333f0c09a0183027f9f1669a39a8f57024fce0dce99a891a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39386
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Feb 2021 16:46:36 GMT

GET
H2 200 tabs-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 148 B
260 B 23ms
20ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20210219.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435644
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087688843900004a5c5719f000000001
last-modified: Fri, 19 Feb 2021 15:31:53 GMT
server: cloudflare
etag: W/"602fd9e9-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 626aa9e6c9b44a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 104ms
35ms Script
text/javascript 13.224.195.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-84.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 10:58:04 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Wed, 24 Feb 2021 10:57:59 GMT
server: AmazonS3
age: 20913
etag: "434a3d44a3079aedd890448838582f6c"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 11415
x-amz-cf-id: JNIIJ-tXQqf9Txz5P5gzzUI7gv5DfOoemEvZsSX-B1UWMjId3tqhjQ==

GET
H2 200 global-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 18 KB
5 KB 20ms
18ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af54c50c8c81bb5de6f8460e58f66372a414cf89628038ef7afc9dd3f49bf50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435644
cf-polished: origSize=18742
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087688843900004a5c3c18f000000001
last-modified: Fri, 19 Feb 2021 15:31:50 GMT
server: cloudflare
etag: W/"602fd9e6-4936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 626aa9e6c9b54a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 23ms
21ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1827678
cf-polished: origSize=149701
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087688843900004a5c4eb5f000000001
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 626aa9e6c9b74a5c-FRA
expires: Wed, 10 Feb 2021 13:05:17 GMT

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/5a096a9f/ Frame 9C9B 340 KB
51 KB 39ms
24ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jBVjqCxQ7kk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 62
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52112
x-xss-protection: 0
expires: Thu, 24 Feb 2022 16:45:34 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/ Frame 9C9B 157 KB
57 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jBVjqCxQ7kk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2de1ffe42871dbd7ab4adc416dd748b02273bd68e43255631d8e4fad6330045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 176432
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58387
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:46:04 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame 9C9B 2 MB
496 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jBVjqCxQ7kk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3995cf4a71263d70b3354acf1c649038c18eaf289e4287b8cb8e2063df5f2901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 01:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 53834
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 508012
x-xss-protection: 0
expires: Thu, 24 Feb 2022 01:49:22 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/5a096a9f/fetch-polyfill.vflset/ Frame 9C9B 8 KB
3 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jBVjqCxQ7kk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 04:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 45331
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 24 Feb 2022 04:11:05 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C9B 10 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jBVjqCxQ7kk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 476458
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:38 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9C9B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
523 B

69ms
38ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jBVjqCxQ7kk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b890389bba46b5cb9ab3ef067e3fc74ba65b22b9041ba801094da6d5d5a55707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Feb 2021 16:46:36 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9C9B 29 B
407 B 28ms
6ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:41:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 279
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:56:57 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame 9C9B 95 KB
32 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb1da869f11de5f6d41770efeafe33cb06aa4540f13ce665a29aefcf0fe5cdad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 7886
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32207
x-xss-protection: 0
expires: Thu, 24 Feb 2022 14:35:10 GMT

GET
H2 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
www.google.com/js/bg/ Frame 9C9B 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 10:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 20987
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Thu, 24 Feb 2022 10:56:49 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame 9C9B 29 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88876f6627eed8149d59d1c99b86ec067acb99904d2be968045c4ecf3440306d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 13:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 12090
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9676
x-xss-protection: 0
expires: Thu, 24 Feb 2022 13:25:06 GMT

GET
DATA 200
OK truncated
/ Frame 9C9B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnihX8vX3NUYkg_Sf9-ms1lczU4iboB8LX-RaVU5CQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9C9B 2 KB
2 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnihX8vX3NUYkg_Sf9-ms1lczU4iboB8LX-RaVU5CQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jBVjqCxQ7kk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aaee59c6d4738bad555f0286b166e6cc47e6f6b90bc30e2c7f17e9f7a77237da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 15:25:38 GMT
x-content-type-options: nosniff
age: 4858
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2093
x-xss-protection: 0
server: fife
etag: "v26c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 24 Feb 2021 10:29:27 GMT

GET
H3-Q050 200 sddefault.jpg
i.ytimg.com/vi/jBVjqCxQ7kk/ Frame 9C9B 39 KB
39 KB 44ms
29ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jBVjqCxQ7kk/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jBVjqCxQ7kk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edef50249e07dc2294a3cd935406711364219584c88d2f72e9cc918bb61b0001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1614140361"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39681
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:51:36 GMT

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 8006 67 KB
24 KB 139ms
139ms Script
application/javascript 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=159

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vbijwz/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.40.3ba9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

6f57feb703cd91f4470fb5fb3379169773f4b70dbb41153dd8e52003567aa2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 23:10:33 GMT
server: nginx
etag: W/"60358b69-10b6b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 pSIAb.OvCc-small-Exposing-The-Plot-To-Sow-Mo.jpg
i.rmbl.ws/s8/1/p/S/I/A/ Frame 8006 51 KB
51 KB 30ms
29ms Image
image/jpeg 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.rmbl.ws/s8/1/p/S/I/A/pSIAb.OvCc-small-Exposing-The-Plot-To-Sow-Mo.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbijwz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D91) /
Resource Hash: 73a7921122fa30497bb9ea8876729730962517e42986127e147b5d568d8ffe87

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
last-modified: Wed, 24 Feb 2021 13:10:34 GMT
server: ECAcc (lha/8D91)
age: 12773
etag: "2135547262"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 51872
expires: Thu, 24 Feb 2022 16:46:36 GMT

GET
H2 206 pSIAb.caa.1.mp4
sp.rmbl.ws/s8/2/p/S/I/A/ Frame 8006 44 KB
0 65ms
22ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/p/S/I/A/pSIAb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbijwz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: ECAcc (paa/6F71) /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
last-modified: Wed, 24 Feb 2021 13:30:50 GMT
server: ECAcc (paa/6F71)
age: 631
etag: "1439737729"
x-hw: 1614185196.cds042.pa1.hn,1614185196.cds229.pa1.c
content-type: video/mp4
Content-Range: bytes 0-467229111/467229112
cache-control: public,max-age=432000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 467229112

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9C9B 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:46:36 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 9C9B 0
38 B 6ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?bNpU4g
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:36 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 206 pSIAb.caa.1.mp4
sp.rmbl.ws/s8/2/p/S/I/A/ Frame 8006 64 KB
0 431ms
430ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/p/S/I/A/pSIAb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbijwz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: ECAcc (paa/6F71) /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=462356480-

Response headers

date: Wed, 24 Feb 2021 16:46:37 GMT
last-modified: Wed, 24 Feb 2021 13:30:50 GMT
server: ECAcc (paa/6F71)
age: 631
etag: "1439737729"
x-hw: 1614185197.cds042.pa1.hn,1614185197.cds229.pa1.c
content-type: video/mp4
Content-Range: bytes 462356480-467229111/467229112
cache-control: public,max-age=432000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 4872632

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8006 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3560
date: Wed, 24 Feb 2021 15:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 24 Feb 2021 17:47:17 GMT

POST
H2 200 view...bijwz.1tfbt54
rumble.com/l/ Frame 8006 35 B
191 B 129ms
128ms Other
image/gif 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...bijwz.1tfbt54?p=2.3&r=79342598&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=159

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.40.3ba9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 24 Feb 2021 16:46:37 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8006 326 KB
113 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vbijwz/?pub=hw409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114825
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:46:37 GMT

GET
H3-Q050 200 bridge3.443.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2557 576 KB
189 KB 34ms
21ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cdd9ff0d35d7ccf8e2092985f761c9a06fc2126fd3caceed43adfac938a1a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.443.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rumble.com/embed/vbijwz/?pub=hw409
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rumble.com/embed/vbijwz/?pub=hw409

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192659
date: Tue, 23 Feb 2021 14:16:41 GMT
expires: Wed, 23 Feb 2022 14:16:41 GMT
last-modified: Thu, 18 Feb 2021 19:24:29 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 95396
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8006 44 KB
17 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:46:37 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DEE6 36 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 658
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Wed, 24 Feb 2021 17:35:39 GMT

GET pSIAb.caa.1.mp4
sp.rmbl.ws/s8/2/p/S/I/A/ Frame 8006 0
0

GET
H2 206 pSIAb.caa.1.mp4
sp.rmbl.ws/s8/2/p/S/I/A/ Frame 8006 5 MB
5 MB 198ms
198ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/p/S/I/A/pSIAb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbijwz/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: ECAcc (paa/6F71) /
Resource Hash: fe3352c430ce879630107f9fe7529f8cea2f12848ff43c69c4a9c15bdf19387c

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=462422016-

Response headers

date: Wed, 24 Feb 2021 16:46:37 GMT
last-modified: Wed, 24 Feb 2021 13:30:50 GMT
server: ECAcc (paa/6F71)
age: 631
etag: "1439737729"
x-hw: 1614185197.cds042.pa1.hn,1614185197.cds229.pa1.c
content-type: video/mp4
Content-Range: bytes 462422016-467229111/467229112
cache-control: public,max-age=432000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 4807096

GET
H2 206 pSIAb.caa.1.mp4
sp.rmbl.ws/s8/2/p/S/I/A/ Frame 8006 97 KB
0 23ms
22ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/p/S/I/A/pSIAb.caa.1.mp4?u=0&b=0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: ECAcc (paa/6F71) /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbijwz/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 24 Feb 2021 16:46:37 GMT
last-modified: Wed, 24 Feb 2021 13:30:50 GMT
server: ECAcc (paa/6F71)
age: 631
etag: "1439737729"
x-hw: 1614185197.cds042.pa1.hn,1614185197.cds229.pa1.c
content-type: video/mp4
Content-Range: bytes 0-467229111/467229112
cache-control: public,max-age=432000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 467229112

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame 4BA5 247 KB
66 KB 92ms
42ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202112416
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2679778b93df6e744375df15a0cf3bf725c05682ab914436cc1ef9d89b35ec74

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 182
cf-polished: origSize=253315
last-modified: Sat, 20 Feb 2021 08:09:51 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5538E5BC7F9773F6
x-amz-id-2: ex2MHy5DUHPUEZLEBoLEsRY0dQgoeyNarugPLh+GKiElhiuyp8fulwnDPkiVMEsZ8taP9bnXcxg=
cf-bgj: minify
server: cloudflare
etag: W/"c8425c1278d026f965f543ad66c480c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 0876888a1f0000331e30819000000001
cf-ray: 626aa9f03dc8331e-CDG
expires: Wed, 24 Feb 2021 19:46:38 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame FCAC 246 KB
66 KB 132ms
87ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202112416
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 581d0975297fd9b7d3a036c32225c5235bf6a0f17d59eb38ca545ede64bbdfa1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 7000
cf-polished: origSize=251915
last-modified: Sat, 20 Feb 2021 08:09:34 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 51BDA582B0B7533E
x-amz-id-2: n6NMCDT7Yayo8SEDtDTW6B3lBrTplKknmyAV0tBi3yIAnUyTAN0Dn1F3NdnCnI2vYYJBzeUHuqg=
cf-bgj: minify
server: cloudflare
etag: W/"f9c8dae3ec349f95b26e97f99e584432"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 0876888a1f0000331e2cbf4000000001
cf-ray: 626aa9f03dce331e-CDG
expires: Wed, 24 Feb 2021 19:46:38 GMT

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 262F 20 KB
7 KB 95ms
30ms Document
text/html 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

de7d6cdc020a48854c99b477489fe085d275885f9d32f88e378d98842b69cfe9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://rum-static.pingdom.net/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://www.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-vPGGYUBfoDpY3I2b'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Wed, 24 Feb 2021 15:58:16 GMT
expires: Wed, 24 Feb 2021 16:58:16 GMT
cache-control: max-age=3600
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://rum-static.pingdom.net/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://www.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-vPGGYUBfoDpY3I2b'; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: O9CO-3oURFEtwAdTt0Fqpis4UyC3ktC8XZ1bnPaHQIizDCcIXuykOg==
age: 2902

POST
H/1.1 200
OK count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
619 B 481ms
157ms XHR
text/html 64.62.227.17
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.17 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

33ec813071963644c5f181fabb5dde876b6ef5d3ad60d0492513a3e9424fbe03

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 24 Feb 2021 16:46:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 jsDynamic-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 7 KB
2 KB 24ms
21ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724d7b74367497bb10c46d55c5490246031ae83559b82b20d6199508674b8202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435656
cf-polished: origSize=7634
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888a1a00004a5c099af000000001
last-modified: Fri, 19 Feb 2021 15:31:52 GMT
server: cloudflare
etag: W/"602fd9e8-1dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 626aa9f02fc64a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:42 GMT

GET
H2 200 responsive-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
767 B 23ms
20ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435656
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888a1b00004a5c40bb8000000001
last-modified: Fri, 19 Feb 2021 15:31:52 GMT
server: cloudflare
etag: W/"602fd9e8-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 626aa9f02fc84a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:42 GMT

GET
H2 200 validate-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 19ms
17ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435656
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888a1b00004a5c39baa000000001
last-modified: Fri, 19 Feb 2021 15:31:54 GMT
server: cloudflare
etag: W/"602fd9ea-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 626aa9f02fc94a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:42 GMT

GET
H2 200 loadmore-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
2 KB 22ms
20ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 435708
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888a1b00004a5c7e8f0000000001
last-modified: Fri, 19 Feb 2021 15:31:52 GMT
server: cloudflare
etag: W/"602fd9e8-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 626aa9f02fca4a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:44:50 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

aac352c5c459c6ca2a51da49341a0943392bc8db78754e373fd1dc84a262137b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vaccinate-cattle.jpg
img.beforeitsnews.com/contributor/upload/724569/images/ 37 KB
37 KB 19ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/724569/images/vaccinate-cattle.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efa50f84be24d2b5f9e1ccb57fdf442aa6768ca2be24cc49e7c0f7c4294b0551

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 760030
cf-polished: origSize=43304, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38067
cf-request-id: 0876888a2900004a5c589b7000000001
last-modified: Mon, 15 Feb 2021 20:48:49 GMT
server: cloudflare
etag: "602ade31-a928"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 15 Feb 2022 21:39:28 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f048124a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5f2c559be7229f0012f31c92.js Show response
buttons-config.sharethis.com/js/ 1 KB
866 B 29ms
12ms Script
text/javascript 2600:9000:20eb:8800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f2c559be7229f0012f31c92.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:45:41 GMT
content-encoding: gzip
etag: W/"321dc6041bb0ea183e662f402b588149"
last-modified: Thu, 06 Aug 2020 20:50:47 GMT
server: AmazonS3
age: 105
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: rde4T3z6dsOdtZn-hPl4wmh5f2wiqIt4_axHwfaS-fMVV_ba00yBXw==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3561
date: Wed, 24 Feb 2021 15:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 24 Feb 2021 17:47:17 GMT

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 86ms
20ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 20:37:41 GMT
server: nginx
etag: W/"14f4-177cb7643d4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

GET
H/1.1 200
OK get_banners_direct.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/ 2 KB
1 KB 471ms
158ms XHR
text/html 64.62.227.17
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/get_banners_direct.php?type=on_regular_page&_=1614185198149

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.17 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

9bc944e500913254fe1612177d2ce9be6def51ea97ec231924aa22722ef3974a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:46:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 19ms
16ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2030
etag: W/"b952f25ea8995726c8678b65dfe57a51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 626aa9f07ac44dee-FRA
cf-request-id: 0876888a4d00004dee3f2c6000000001
expires: Wed, 24 Feb 2021 17:46:38 GMT

GET
H/1.1 200
OK get_items_to_show.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 63 KB
7 KB 497ms
168ms XHR
text/html 64.62.227.17
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1614185198150

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.17 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

0c1888864432d217abe805821ef69483c612f2132ba2c41686f2c0f46702e696

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:46:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 get-most-recent-stories-list.php Show response
beforeitsnews.com/v3/recent/ 17 KB
4 KB 561ms
558ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1614185198150

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f74692759fd3939b88cbe8ae4d72c7c0fbab3913d039a619c30977007eaa49ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888a4d00004a5c4ebbd000000001
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 626aa9f078724a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H/1.1 200
OK carousel.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/ 816 B
1 KB 495ms
165ms XHR
text/html 64.62.227.17
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/carousel.php?_=1614185198150

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.17 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

bab22186537ad5a89baa121be57158c42b396697f9097b653756326dbe9d8740

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:46:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame F575 2 KB
1 KB 27ms
6ms Document
text/html 2600:9000:2156:1400:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1400:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Wed, 24 Feb 2021 16:43:54 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Y-3JyrY5pLphyV-IyFWLhdYug0XaUOM1Orctwbn6shJ5udGzOhH4Xg==
age: 164

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 29ms
7ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 24 Feb 2021 17:03:36 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 24 Feb 2021 17:32:54 GMT

GET
H2 200 en.f7f94942ee35c540.js Show response
s.tradingview.com/static/localization/translations/ Frame 262F 291 KB
48 KB 36ms
35ms Script
application/javascript 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.f7f94942ee35c540.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

8a2cdd0468e17f7a548dd21640dcadd36c104fda3ba47093ffa0e90faad22c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 10:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366900
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Sat, 20 Feb 2021 09:50:09 GMT
server: tv
etag: W/"6030db51-bb83"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oStQ4_42WsT-1BF0qQhVmrhrEk3Cdwr-4GfmdXbrh6I2O4_V1b-1DA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.8d0f0e4027a557e40cec.js Show response
s.tradingview.com/static/bundles/embed/ Frame 262F 53 KB
20 KB 36ms
35ms Script
application/javascript 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.8d0f0e4027a557e40cec.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

70554c2d93e8efdc9713fd11ea89beb7408a9124fa92d5c97a086f9257a4dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 10:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21032
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 24 Feb 2021 09:25:22 GMT
server: tv
etag: W/"60361b82-4bb7"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: AV6gz_J9QU0k7OJMiznMaTfwnXW5-ezc9uhI_H7lV7djvSwckKA1CQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.5a11590e919bbbbe7f2e.js Show response
s.tradingview.com/static/bundles/embed/ Frame 262F 381 KB
127 KB 33ms
32ms Script
application/javascript 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.5a11590e919bbbbe7f2e.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

8bd559dad13382260ef019f6a0807b9dd746bd6738a93bcbc77929041e0bb5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 01:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1783391
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Feb 2021 09:36:22 GMT
server: tv
etag: W/"601a6e96-1f798"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 43tGmd-qrEkuRDyy9hcX_q5mKzov4VCEWYnl7zcj8iqeijkVWocatg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.300227c1379dd7d5ecf8.js Show response
s.tradingview.com/static/bundles/embed/ Frame 262F 272 KB
80 KB 33ms
32ms Script
application/javascript 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.300227c1379dd7d5ecf8.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

0d52bfdbeaef538f34a0b8139d3b8b6990450af329aed09944de7e22718e4036

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 10:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21016
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 24 Feb 2021 09:25:22 GMT
server: tv
etag: W/"60361b82-13b17"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vRL5crPil-YoGhCiNnD_rF_d-egjOtUCp6n6t1Pm8WaZDVzdMrEfQQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.2d0a9a5ee605c85c6982.css
s.tradingview.com/static/bundles/embed/ Frame 262F 2 KB
1 KB 35ms
35ms Stylesheet
text/css 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.2d0a9a5ee605c85c6982.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

61897b67e4ea870cfd90b2ec505005298f8e319b15f695547628a5e4635adac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 04:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2118040
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 29 Jan 2021 09:12:45 GMT
server: tv
etag: W/"6013d18d-3f4"
vary: Accept-Encoding
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bpNL99VpdRZWIInk4y3hUwLZZKqNhbznK4f0gVsP-ZuUq_T2nafMTA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.2e6202357fd3594485ce.css
s.tradingview.com/static/bundles/embed/ Frame 262F 25 KB
5 KB 36ms
35ms Stylesheet
text/css 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.2e6202357fd3594485ce.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

3ea6931d41dff60efe83187d7c547a5b70422bf390ad5265b73e5be9c3623db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1438855
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 Feb 2021 09:24:07 GMT
server: tv
etag: W/"601d0eb7-1035"
vary: Accept-Encoding
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: w3ktDDWVUM9v3DjCDOj1chCnYI1ub4YJphRI3fNu0USrjSxphK1XMQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 2814
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 0876888abb0000331ee9126000000001
cf-ray: 626aa9f12838331e-CDG

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 507912
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:26 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
189 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2134303336&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=935307880&gjid=161014146&cid=894816739.1614185198&tid=UA-16055024-1&_gid=2129649972.1614185198&_r=1&gtm=2ou2h0&z=240328661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20201130_00/e/js/element/ 243 KB
87 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7702
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88693
x-xss-protection: 0
last-modified: Mon, 30 Nov 2020 10:52:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 14:38:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-16055024-1&cid=894816739.1614185198&jid=935307880&gjid=161014146&_gid=2129649972.1614185198&_u=IEBAAUAAAAAAAC~&z=907560464

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Feb 2021 16:46:38 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
841 B 32ms
32ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202112416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 2814
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 0876888b0c0000331e30831000000001
cf-ray: 626aa9f1a97e331e-CDG

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 507912
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:26 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
1 KB 83ms
82ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=334&cols=1&pv=5&cbuster=1614185198352138970565&uniqId=01aee&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=177d4ef7310adf728ab&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202112416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b830dae23c36b1d66772f3847d623c4913dd895a8eb6e4b3f3aecc413e6de38

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 626aa9f1c9ba331e-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888b1a0000331eff90c000000001

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 139ms
34ms XHR
text/plain 3.124.48.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=beforeitsnews.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fbeforeitsnews.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Before%20It%27s%20News%20%7C%20People%20Powered%20News&cms=unknown&publisher=5f2c559be7229f0012f31c92&embeds_csv=https%3A%2F%2Fwww.youtube.com%2Fembed%2FjBVjqCxQ7kk&sop=true&bsamesite=true&consent_cookie_duration=236&consent_duration=236&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Before%20It%27s%20News%C2%AE%20is%20a%20community%20of%20individuals%20who%20report%20on%20what%27s%20going%20on%20around%20them%2C%20from%20all%20around%20the%20world.%20You%20can%20join%20to%20Contribute%20News%20and%20Comments.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.48.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:46:38 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 59ms
44ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-16055024-1&cid=894816739.1614185198&jid=935307880&_u=IEBAAUAAAAAAAC~&z=291371102

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 48ms
29ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-16055024-1&cid=894816739.1614185198&jid=935307880&_u=IEBAAUAAAAAAAC~&z=291371102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 10864438442185062 Show response
lockerdome.com/lad/ Frame 8105 1 KB
2 KB 534ms
149ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 24 Feb 2021 16:46:38 GMT

GET
H/1.1 200
OK 10864440455450982 Show response
lockerdome.com/lad/ Frame 5C22 1 KB
2 KB 531ms
148ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 24 Feb 2021 16:46:38 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 262F 98 KB
39 KB 45ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.300227c1379dd7d5ecf8.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98d5b94ad982f5b661dec9718e5881d3d3399fd0c3a02b334af8905c5e773783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39454
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 16:27:26 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Feb 2021 16:46:38 GMT

GET
H2 200 275.89109e08565358a840cc.css
s.tradingview.com/static/bundles/embed/ Frame 262F 712 B
792 B 32ms
31ms Stylesheet
text/css 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/275.89109e08565358a840cc.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.8d0f0e4027a557e40cec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

e7619746f6490749626842ab49718b1dd431510d90b13b474f80685e206a5f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 10:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21025
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 24 Feb 2021 09:25:21 GMT
server: tv
etag: W/"60361b81-125"
vary: Accept-Encoding
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kPd94N8FnReYtD3KpQHm4IgytMCpC9eP0qz6mMIOxJbCFbDFJw7mIg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.341b940f0d0cd97b61b3.js Show response
s.tradingview.com/static/bundles/embed/ Frame 262F 4 KB
2 KB 30ms
30ms Script
application/javascript 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.341b940f0d0cd97b61b3.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.8d0f0e4027a557e40cec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

f54f5520fff3867ff9afe8c1f9ce56f228704e69cb49c254657f9f2db04c0ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452994
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 19 Feb 2021 10:12:11 GMT
server: tv
etag: W/"602f8efb-68a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7_z-bGwrX0H64CKN1uUUve5ZDxuhoVLV5qifeuXBJqVqxh9sHF5HBQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 84ms
83ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1094&cols=1&pv=5&cbuster=1614185198456829432637&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=177d4ef7378ac3145a7&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202112416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf7bfd77650d6654485d4b7db32d9fc83e7e6e37a884f91d8eb4376e82e33fd2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 626aa9f26b62331e-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888b800000331ee4bd0000000001

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 34ms
20ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 15:04:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 6099
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Thu, 24 Feb 2022 15:04:59 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 9D20 18 KB
4 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 24 Feb 2021 17:03:36 GMT

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 29ms
19ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 13:56:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 10215
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Thu, 24 Feb 2022 13:56:23 GMT

GET
H3-Q050 200 cleardot.gif
www.google.com/images/ 43 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
841 B 31ms
31ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202112416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 2814
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 0876888bb70000331e11b82000000001
cf-ray: 626aa9f2bc32331e-CDG

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
691 B 88ms
85ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1614185198516127864573
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202112416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e058e804f6e2fe27de8d47a3cd978484ee8edb51c38e42bd497084198ef130c7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 97fe5f83-c911-4bc4-b909-2bf3a4e40546
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 626aa9f2cc4a331e-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888bbe0000331ef0a15000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame BA8D 19 B
315 B 80ms
80ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1614185198520683954989
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202112416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 449d9694-215b-4c73-bd7b-15ad197484eb
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 626aa9f2cc4c331e-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888bc00000331e3b1a9000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x328/0x0x1081x720/ 12 KB
13 KB 31ms
30ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1614185198-1OIXL9zYKeMSGhkHYjN5oxgq9m5o_HO5Dz5S23va_GM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9890b523125c63685ab6e157e022072740363afb75a023b694cec0b986a25481

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: c5657645-24b3-4e9f-bbc3-40c35370906f
age: 1405459
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12790
cf-request-id: 0876888bc40000331ed6155000000001
last-modified: Mon, 08 Feb 2021 10:20:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f2dc60331e-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x328/0x0x1081x720/ Frame 4BA5 12 KB
13 KB 32ms
31ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1614185198-1OIXL9zYKeMSGhkHYjN5oxgq9m5o_HO5Dz5S23va_GM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9890b523125c63685ab6e157e022072740363afb75a023b694cec0b986a25481

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: c5657645-24b3-4e9f-bbc3-40c35370906f
age: 1405459
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12790
cf-request-id: 0876888bc40000331e2c823000000001
last-modified: Mon, 08 Feb 2021 10:20:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f2dc63331e-CDG

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame E5C6 3 KB
1 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QaiAqgICHohxJK6ditf1Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-QaiAqgICHohxJK6ditf1Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Wed, 24 Feb 2021 16:46:38 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 262F 46 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3561
date: Wed, 24 Feb 2021 15:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 24 Feb 2021 17:47:17 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
841 B 39ms
37ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202112416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 2814
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 0876888bf00000331e01935000000001
cf-ray: 626aa9f31d15331e-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp
s-img.mgid.com/g/8164835/492x277/0x91x1080x720/ 12 KB
12 KB 36ms
34ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164835/492x277/0x91x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp?v=1614185198-VNv_ThqKz4leB1QuRXc2OBWtSTBxLMx9anKr25xclGY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505864f9436def05580211dd30d70e6c5dfd59b7c3b65a900687004174e25975

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: eeecd54e-64aa-4fdd-be34-3d828772ec55
age: 1405458
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12586
cf-request-id: 0876888bf40000331e30851000000001
last-modified: Mon, 08 Feb 2021 10:20:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f32d35331e-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x277/16x0x492x328/ 8 KB
8 KB 38ms
37ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164909/492x277/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1614185198-uDdSf8aGE25NDRz3avYSsMwjVwVxxV5CmM496i_9zws
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: 4ec28f1b-43f8-4183-88c3-856682ead5a7
age: 1405447
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8002
cf-request-id: 0876888bf50000331ee4391000000001
last-modified: Mon, 08 Feb 2021 10:20:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f32d38331e-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x277/0x89x1080x720/ 6 KB
6 KB 39ms
38ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164857/492x277/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1614185198-iInOaKPPiJrJh3SIwHfW636Tn0ztt1VXzsfCX7p6X-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48051e4b1aa3d6ed46f83b00f861735ae4b367785242a14882c420143401288e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: c021fbc8-ad0f-47f6-bca7-4dafde137f45
age: 1405508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6240
cf-request-id: 0876888bf60000331e4c16b000000001
last-modified: Mon, 08 Feb 2021 10:20:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f32d3e331e-CDG

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y...
s-img.mgid.com/g/8164840/492x277/-/ 16 KB
16 KB 34ms
32ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164840/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y2VlZjQ2NTAwOTM4YTMxYzMuanBn.webp?v=1614185198-Wlma3VUON1_mdKeZUnWaiaghnLyrmZ-VgcFolnUC-zg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef5b36ccbdec33b7bce73a0ecd576dce20937cedf180223bd4eb52e5a8168a46

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: f788a246-0762-4813-b563-6781b75fba9d
age: 1405476
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16344
cf-request-id: 0876888bf60000331ee4bdc000000001
last-modified: Mon, 08 Feb 2021 10:20:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f32d40331e-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp
s-img.mgid.com/g/8164835/492x277/0x91x1080x720/ Frame FCAC 12 KB
12 KB 37ms
35ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164835/492x277/0x91x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp?v=1614185198-VNv_ThqKz4leB1QuRXc2OBWtSTBxLMx9anKr25xclGY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505864f9436def05580211dd30d70e6c5dfd59b7c3b65a900687004174e25975

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: eeecd54e-64aa-4fdd-be34-3d828772ec55
age: 1405458
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12586
cf-request-id: 0876888bf40000331e25328000000001
last-modified: Mon, 08 Feb 2021 10:20:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f32d37331e-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x277/16x0x492x328/ Frame FCAC 8 KB
8 KB 38ms
37ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164909/492x277/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1614185198-uDdSf8aGE25NDRz3avYSsMwjVwVxxV5CmM496i_9zws
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: 4ec28f1b-43f8-4183-88c3-856682ead5a7
age: 1405447
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8002
cf-request-id: 0876888bf50000331ef0a19000000001
last-modified: Mon, 08 Feb 2021 10:20:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f32d3a331e-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x277/0x89x1080x720/ Frame FCAC 6 KB
6 KB 27ms
27ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164857/492x277/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1614185198-iInOaKPPiJrJh3SIwHfW636Tn0ztt1VXzsfCX7p6X-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48051e4b1aa3d6ed46f83b00f861735ae4b367785242a14882c420143401288e

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: c021fbc8-ad0f-47f6-bca7-4dafde137f45
age: 1405508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6240
cf-request-id: 0876888c160000331ed43fe000000001
last-modified: Mon, 08 Feb 2021 10:20:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f35dd0331e-CDG

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y...
s-img.mgid.com/g/8164840/492x277/-/ Frame FCAC 16 KB
16 KB 30ms
29ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164840/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y2VlZjQ2NTAwOTM4YTMxYzMuanBn.webp?v=1614185198-Wlma3VUON1_mdKeZUnWaiaghnLyrmZ-VgcFolnUC-zg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef5b36ccbdec33b7bce73a0ecd576dce20937cedf180223bd4eb52e5a8168a46

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: f788a246-0762-4813-b563-6781b75fba9d
age: 1405476
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16344
cf-request-id: 0876888c170000331e47b0e000000001
last-modified: Mon, 08 Feb 2021 10:20:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 626aa9f35dd8331e-CDG

GET
H3-Q050 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 6ms
6ms Image
image/gif 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 05:15:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 559851
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Fri, 18 Feb 2022 05:15:47 GMT

GET
H2 200 c8319bb3286aa1035b15b6a2ae06b23e76b1d69b.jpeg
beforeitsnews.com/img/i2021/02/ 16 KB
16 KB 24ms
22ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/c8319bb3286aa1035b15b6a2ae06b23e76b1d69b.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f216dfe62fa58129158379a536d4a2cff716c4941d219221b06c20f353ac13c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 721481
cf-polished: origSize=18059, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16416
cf-request-id: 0876888c2e00004a5c30b17000000001
last-modified: Wed, 10 Feb 2021 01:28:56 GMT
server: cloudflare
etag: "602336d8-468b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 08:21:57 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 626aa9f37e014a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 e28e9ed3cfa56dfb17832c9fce2bce8f7225fe1b.jpg
beforeitsnews.com/img/i2021/02/ 35 KB
35 KB 27ms
25ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/e28e9ed3cfa56dfb17832c9fce2bce8f7225fe1b.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85c96975ada9e742e0c39ae4514eca0002dd691af8bc9985b520075448eb3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 721469
cf-polished: origSize=68837, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35768
cf-request-id: 0876888c2e00004a5c760e2000000001
last-modified: Fri, 22 Jan 2021 17:52:28 GMT
server: cloudflare
etag: "600b10dc-10ce5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 08:22:09 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 626aa9f37e054a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 2b3c08fb4e44c851887bd2235f945a9ef6082259.jpeg
beforeitsnews.com/img/i2021/02/ 16 KB
16 KB 20ms
18ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/2b3c08fb4e44c851887bd2235f945a9ef6082259.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

476754322ed986d386424d7bfb2d55909be610d3025ca700ef474499daf7e418

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2029572
cf-polished: origSize=17860, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16345
cf-request-id: 0876888c2e00004a5c46242000000001
last-modified: Thu, 28 Mar 2019 00:39:43 GMT
server: cloudflare
etag: "5c9c17cf-45c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 05:00:26 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 626aa9f37e074a5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1A5D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

291 B
559 B

90ms
29ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1614185198516127864573
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Wed, 24 Feb 2021 16:46:38 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 24 Feb 2021 16:46:38 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
624 B 152ms
104ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l1oCd4VXFiK8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 626aa9f3dc990476-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888c6a00000476db855000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=f8e5b6bf-aeff-423b-ac9e-94de7e679867
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=f8e5b6bf-aeff-423b-ac9e-94de7e679867
https://cm.mgid.com/m?cdsp=433145&c=f8e5b6bf-aeff-423b-ac9e-94de7e679867&gdpr=&gdpr_consent=&us_privacy=

43 B
330 B

83ms
82ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=f8e5b6bf-aeff-423b-ac9e-94de7e679867&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b9d8a666-2385-4eaa-98b0-620c1ab4f1fa
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 626aa9f58c34331e-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888d750000331e3087c000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=f8e5b6bf-aeff-423b-ac9e-94de7e679867&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 24 Feb 2021 16:46:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=e40d078f-9cd7-42f1-8e0b-88b2d5b6161e

43 B
426 B

81ms
81ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=e40d078f-9cd7-42f1-8e0b-88b2d5b6161e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6da23b92-7a3d-4d07-a2e0-ad027060f06a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 626aa9f80c20331e-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888f0a0000331ef639c000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=e40d078f-9cd7-42f1-8e0b-88b2d5b6161e
date: Wed, 24 Feb 2021 16:46:39 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 125ms
77ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l1oCd4VXFiK8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 626aa9f3da04cde3-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 0876888c6b0000cde3dc94f000000001

GET
H2

200

1011
jadserve.postrelease.com/suid/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l1oCd4VXFiK8
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l1oCd4VXFiK8
https://jadserve.postrelease.com/suid/1011?vk=f8e5b6bf-aeff-423b-ac9e-94de7e679867

43 B
428 B

493ms
164ms

Image
image/gif

52.52.67.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1011?vk=f8e5b6bf-aeff-423b-ac9e-94de7e679867
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.67.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-67-9.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:39 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

location: //jadserve.postrelease.com/suid/1011?vk=f8e5b6bf-aeff-423b-ac9e-94de7e679867
date: Wed, 24 Feb 2021 16:46:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=b8eb8194-de1b-4a4a-9c3e-bc5d5c59d49c&ttl=1616777198

43 B
307 B

83ms
82ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=b8eb8194-de1b-4a4a-9c3e-bc5d5c59d49c&ttl=1616777198
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3b58634e-d242-4d77-a012-349cdbf939ef
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 626aa9f58c35331e-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888d750000331ed52d4000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=b8eb8194-de1b-4a4a-9c3e-bc5d5c59d49c&ttl=1616777198
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=pc04jQnREKzAo950sgwQ&pi=mgid&tc=1

43 B
299 B

80ms
80ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=pc04jQnREKzAo950sgwQ&pi=mgid&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4764b300-8b7a-4c75-9d2c-5991c90e6645
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 626aa9f4899d331e-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888cd80000331e0829b000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=pc04jQnREKzAo950sgwQ&pi=mgid&tc=1
pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT, Wed, 24 Feb 2021 16:46:38 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFvQ2Q0VlhGaUs4&muidn=l1oCd4VXFiK8
https://cm.mgid.com/google?muidn=l1oCd4VXFiK8&google_ula={guid},5&google_gid=CAESEJsfAeSeiMpAkNkjGRxTFsQ&google_cver=1

0
254 B

82ms
82ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l1oCd4VXFiK8&google_ula={guid},5&google_gid=CAESEJsfAeSeiMpAkNkjGRxTFsQ&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 626aa9f448b6331e-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0876888caa0000331ed52c0000000001

Redirect headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:46:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l1oCd4VXFiK8&google_ula={guid},5&google_gid=CAESEJsfAeSeiMpAkNkjGRxTFsQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 O269cn5aS0A Show response
www.youtube.com/embed/ Frame 262F 51 KB
21 KB 88ms
88ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/O269cn5aS0A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c75cd402914dcc0609828c51dbe07a0335b4051eb47efb691fca77d44e90701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/O269cn5aS0A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=NsExo3b-ATk; VISITOR_INFO1_LIVE=2pQNWmGMKGk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Feb 2021 16:46:38 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+053; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/5a096a9f/ Frame 262F 340 KB
51 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 64
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52112
x-xss-protection: 0
expires: Thu, 24 Feb 2022 16:45:34 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/ Frame 262F 157 KB
57 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2de1ffe42871dbd7ab4adc416dd748b02273bd68e43255631d8e4fad6330045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 176434
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58387
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:46:04 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame 262F 2 MB
496 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3995cf4a71263d70b3354acf1c649038c18eaf289e4287b8cb8e2063df5f2901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 01:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 53836
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 508012
x-xss-protection: 0
expires: Thu, 24 Feb 2022 01:49:22 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/5a096a9f/fetch-polyfill.vflset/ Frame 262F 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 04:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 45333
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 24 Feb 2022 04:11:05 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 262F 10 KB
11 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 476460
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:38 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 262F 113 B
183 B 39ms
38ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0d91721ec5e000f92b520e7369c11d6a8e5150e40f2281dd017bc447766b90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 262F 29 B
393 B 34ms
20ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:41:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 281
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:56:57 GMT

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 262F 3 KB
793 B 33ms
8ms Image
image/svg+xml 2600:9000:20eb:800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4770f3dcd578f18a061c8705062bad7e959f3747f5c772749ccff4d63969480f

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:19:44 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:38 GMT
server: AmazonS3
age: 1438015
etag: W/"a1b146ea9ea1303b88095fbaca07491a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: a1b146ea9ea1303b88095fbaca07491a
x-amz-cf-id: CiQKZXUgfCzxmP_PE5ikGrH03t8y8VNBNhv5hOIEihr6kXgrk4GN4w==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 262F 593 B
971 B 32ms
7ms Image
image/svg+xml 2600:9000:20eb:800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f026c82d20e24dcaa217ccdc82d8cb03354a04d52d24a3dcf0e01c159684bdd

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 02:28:12 GMT
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
last-modified: Wed, 25 Nov 2020 10:21:55 GMT
server: AmazonS3
age: 1520307
etag: "11e845c99b248e12f62f5bfc0346feb1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 11e845c99b248e12f62f5bfc0346feb1
content-length: 593
x-amz-cf-id: EW5riXl8n2gqllBDbvAgk2TqoxCbaoV4Tp98lhg5dpBMscgxrxncig==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 262F 813 B
1 KB 32ms
7ms Image
image/svg+xml 2600:9000:20eb:800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a884bfd027efb4d6d028140f6af4ee69c0158f184e18c81b5503e90b6c46a313

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 02:03:15 GMT
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
last-modified: Wed, 25 Nov 2020 10:20:00 GMT
server: AmazonS3
age: 1089804
etag: "95a42c153dde1fd4811492fe7d5fc213"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 95a42c153dde1fd4811492fe7d5fc213
content-length: 813
x-amz-cf-id: cBZe38WfplNauR7UEZt1ruwxm90K1MFz6CWjmGiRug9of1aie1FjnQ==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 262F 1 KB
936 B 31ms
7ms Image
image/svg+xml 2600:9000:20eb:800:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:800:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c67b269c17240c6a06dc1e095b2e3117bf36707dc5574bce3257a96b89792f82

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 02:42:26 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:06 GMT
server: AmazonS3
age: 2037853
etag: W/"7ae11541fa642c5193d8bd4a14f06f20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 7ae11541fa642c5193d8bd4a14f06f20
x-amz-cf-id: 6Xr3FPWsos-Vx_DLpnw_Yu9TlDjc0Ury7-wzeYk0VsAhvvW-OrNbTw==

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame 262F 95 KB
31 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb1da869f11de5f6d41770efeafe33cb06aa4540f13ce665a29aefcf0fe5cdad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 7888
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32207
x-xss-protection: 0
expires: Thu, 24 Feb 2022 14:35:10 GMT

GET
H3-Q050 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
www.google.com/js/bg/ Frame 262F 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 10:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 20989
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Thu, 24 Feb 2022 10:56:49 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame 262F 29 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88876f6627eed8149d59d1c99b86ec067acb99904d2be968045c4ecf3440306d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 13:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 12092
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9676
x-xss-protection: 0
expires: Thu, 24 Feb 2022 13:25:06 GMT

GET
DATA 200
OK truncated
/ Frame 262F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 AAUvwniaCI3awfeOW8JW58NFui1eQTh0zOkNzR24XPZ_=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 262F 3 KB
3 KB 34ms
20ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwniaCI3awfeOW8JW58NFui1eQTh0zOkNzR24XPZ_=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cfa6cbe8313da648d397efe4f7c5cf4d4e2c2ef3efd1b513390460e9135b918c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 13:54:03 GMT
x-content-type-options: nosniff
age: 10355
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2677
x-xss-protection: 0
server: fife
etag: "vf"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 23 Feb 2021 17:43:50 GMT

GET
H3-Q050 200 sddefault.jpg
i.ytimg.com/vi/O269cn5aS0A/ Frame 262F 35 KB
35 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/O269cn5aS0A/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

822f142bd39b370c21d7d140512b75f804c6626ee55cb3372ac1df62f55c2f2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 15:36:16 GMT
x-content-type-options: nosniff
server: sffe
age: 4222
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36249
x-xss-protection: 0
expires: Wed, 24 Feb 2021 17:36:16 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1A5D 31 KB
10 KB 32ms
31ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 83e22c7cf960bf9c41b1a84342654ce7ec8bc48c155b01b5c021fea6628c5b86

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:46:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=8980
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9306
Expires: Wed, 24 Feb 2021 19:16:18 GMT

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 262F 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:46:38 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 262F 0
13 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?dJ3ejA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/O269cn5aS0A
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/O269cn5aS0A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:46:38 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1A5D 284 B
536 B 122ms
31ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H3-Q050 200 dc.js Show response
stats.g.doubleclick.net/ Frame 8105 45 KB
17 KB 30ms
16ms Script
text/javascript 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4602
date: Wed, 24 Feb 2021 15:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 24 Feb 2021 17:29:56 GMT

GET
H3-Q050 200 dc.js Show response
stats.g.doubleclick.net/ Frame 5C22 45 KB
17 KB 28ms
14ms Script
text/javascript 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4602
date: Wed, 24 Feb 2021 15:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 24 Feb 2021 17:29:56 GMT

GET
H2 200 protobuf-handler.8af4c04ea75a28c1d98a.js Show response
s.tradingview.com/static/bundles/embed/ Frame 262F 122 KB
27 KB 30ms
30ms Script
application/javascript 143.204.90.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/protobuf-handler.8af4c04ea75a28c1d98a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.8d0f0e4027a557e40cec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.90.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-90-113.fra50.r.cloudfront.net

Software

tv /

Resource Hash

772e2829664d6a5ecd75824c63e6491160e5b7e207b09a79b9e9168bfc218e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 02:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1864094
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 02 Feb 2021 10:47:27 GMT
server: tv
etag: W/"60192dbf-6857"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IuCIZS_aB0uBtQ3AdeaMM3QGCHujdRP4_5UWPis2ko0bJMc4zBf4uw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9C9B 28 B
315 B 20ms
19ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jBVjqCxQ7kk
X-YouTube-Client-Version: 1.20210221.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgsycFFOV21HTUtHayjshdqBBg%3D%3D
X-YouTube-Ad-Signals: dt=1614185196745&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image&bid=ANyPxKq5XW6GIKQuCPUfOZ1JkOQgSl8eCm66wLXHoDTZBTJuL9VDDnfq4GZs7IvnbDhyMai87KwgN51pm-xXq1UGAcXsXbuDAg

Response headers

date: Wed, 24 Feb 2021 16:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:46:46 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 262F 28 B
191 B 19ms
18ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/O269cn5aS0A
X-YouTube-Client-Version: 1.20210221.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgsycFFOV21HTUtHayjuhdqBBg%3D%3D
X-YouTube-Ad-Signals: dt=1614185198796&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image&bid=ANyPxKpg5JUWHYIaIOp0y6y8lfWvtTtxlRcwa-O5u8eTknM8Z_pnCzcHM30XsyoGsZDMzf7Z9AH6R-JC_i5gX_OWyOsLn8r-Ow

Response headers

date: Wed, 24 Feb 2021 16:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:46:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sp.rmbl.ws
URL: https://sp.rmbl.ws/s8/2/p/S/I/A/pSIAb.caa.1.mp4?u=0&b=0

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 20:42:17	Name: VISITOR_INFO1_LIVE Value: 2pQNWmGMKGk
beforeitsnews.com/	1970-01-20 16:23:05	Name: b4in-uuid Value: b16708f9-1829-4967-8ef6-a964fc892a11
beforeitsnews.com/	1970-01-19 16:23:13	Name: __cflb Value: 04dToerZmTfQcfwEHt8ULGdndf17BZ3yZ6yfkgHWpw
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: NsExo3b-ATk
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
.beforeitsnews.com/	1970-01-19 17:06:17	Name: __cfduid Value: d981aefa898457636b8aa49c5c13895e71614185195

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	(Line 1) Message: [Web Cached] Loaded time: 0.00227s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=202112416(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202112416(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.beforeitsnews.com
ajax.cloudflare.com
amg-news.com
ams.creativecdn.com
beforeitsnews.com
bidswitch-eu.splicky.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgflip.com
i.rmbl.ws
i.ytimg.com
i2.wp.com
imasdk.googleapis.com
img.beforeitsnews.com
img.youtube.com
jadserve.postrelease.com
jsc.mgid.com
l.sharethis.com
lockerdome.com
match.adsrvr.org
pagead2.googlesyndication.com
photos.brighteon.com
platform-api.sharethis.com
rddywd.com
rtb-usw.mfadsrvr.com
rumble.com
s-img.mgid.com
s.tradingview.com
s0.2mdn.net
s3-symbol-logo.tradingview.com
s3.amazonaws.com
s3.tradingview.com
secure-assets.rubiconproject.com
servicer.mgid.com
sonsoflibertymedia.com
sp.rmbl.ws
stateofthenation.co
static-3.bitchute.com
static.doubleclick.net
stats.g.doubleclick.net
tapnewswire.com
token.rubiconproject.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.naturalnews.com
www.prepperfortress.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
sp.rmbl.ws
104.154.142.214
104.16.221.74
104.18.255.14
104.19.132.78
104.19.217.61
13.224.195.84
142.250.185.98
143.204.90.113
151.139.128.11
151.139.242.29
168.119.168.187
169.59.64.184
18.195.54.133
185.184.8.30
185.59.220.194
192.0.77.2
192.124.249.6
2001:df1:9c00:8004:2a:7:0:f
23.37.42.132
2600:9000:20eb:2200:1:93c2:a1c0:93a1
2600:9000:20eb:800:1f:2f70:3e80:93a1
2600:9000:20eb:8800:c:abe:f440:93a1
2600:9000:2156:1400:c:a9b7:ddc0:93a1
2600:9000:2156:9a00:1c:8a07:5e80:93a1
2606:4700:10::6816:4a8a
2606:4700:20::ac43:4528
2606:4700:3030::6815:4d0
2606:4700:3036::ac43:8a2c
2606:4700::6810:8746
2606:4700::6810:a823
2606:4700::6812:e234
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::200e
2a00:1450:4001:808::2006
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2006
2a00:1450:4001:829::200a
2a00:1450:400c:c00::9b
2a00:1450:400c:c07::9d
3.124.48.224
34.246.156.173
35.212.212.222
52.216.113.181
52.52.67.9
64.62.227.17
69.173.144.139
89.40.36.137
93.184.221.168
00bd120743d2d1b5e52bc521a46b32395921257bc015fb7a8d300ca0d0751f96
015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
0af85a939e010845e33931d9f23248b90f7158f46e78a07292d3c0f71665c650
0c1888864432d217abe805821ef69483c612f2132ba2c41686f2c0f46702e696
0d52bfdbeaef538f34a0b8139d3b8b6990450af329aed09944de7e22718e4036
0f2ada347f334458423613906d356ed02a1ea4a9a09ce31fc697ef9d0520d45d
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
121cb1fb120cf0c70971e0f5640cb14c17312a8ab0a107ad2630c2a8215c1037
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13655234862e0339fa87683ae573f895aaa9b6ecc523598cb958266df216ca1a
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
163cc5bd0a3f3045ee6d4f046ad35361f6a74f4a00710349ca53a224ac7b3909
166e396d12dd4c415a84ba649eb91a9acd09a8fcb5118888a298bd4e99a6fcf8
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1a72393df76837bc2b702add5542f91eb64da3c28779fa30aa52cf5b69bcbf6a
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1c8d438cc5497d8883e104b03fa6239e85a5ed5d32831b2e76fcea850e096d64
1d5b29d858d79d8bf60f8e542a3bb69472f5c9a1c93193a7a4d5e5a50e2e35c5
2679778b93df6e744375df15a0cf3bf725c05682ab914436cc1ef9d89b35ec74
2a7166a9bf611075509f6daab98e6c808afc3316c14f4bfe1459b5bea17aca24
2b89e2b69d2268c476b9c82c84b87893d62791116a1f79b84806951b9ae55532
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
2f11c3a7fda6b6d55cf83558eb3d0b306805b66710368c3a86e6c01a1f2088dd
2f2868b362c8f717970704fde3e942572f08afe1f3104b40f755701cc173322f
310eaeee814d79e97a48c1859c4d0187ffc24b92fec8f2b7a190b56448f776d5
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31bccc1e52668851772575bba97c54090590711338ceb213fbbb39b7678e11f6
335c54cc3c06869d75477e3af6d28cfa51b12518427a8880df2bab38ee4983f1
33ec813071963644c5f181fabb5dde876b6ef5d3ad60d0492513a3e9424fbe03
3995cf4a71263d70b3354acf1c649038c18eaf289e4287b8cb8e2063df5f2901
3a5ab2d2ac9994e326a1fc12731158871a83dafea68f5e09d599c1fdfb179366
3c75cd402914dcc0609828c51dbe07a0335b4051eb47efb691fca77d44e90701
3dc12a8b4eec98ace895bdda9f4e63c8e20814a9e6376d8b40fd62132aa75b5c
3ea6931d41dff60efe83187d7c547a5b70422bf390ad5265b73e5be9c3623db6
3f026c82d20e24dcaa217ccdc82d8cb03354a04d52d24a3dcf0e01c159684bdd
414d8b428bdb05db9e520b23c7855cb14d5eee21007b4492d7f151f46ffd0f3a
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
430857e4c3a61ea68b708541af331adcdfbeb47d94c56b1487b243f7c2f05848
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
44d099bcfc89d6a5da7095c2a72d759ea5db764faa80a350dad3f78b6d12da82
44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635
46357998cd37e18333f0c09a0183027f9f1669a39a8f57024fce0dce99a891a0
46f4d1fafb3f328d86228b7ee6a297ded8c91a7966e2e9af7b589fd599619645
476754322ed986d386424d7bfb2d55909be610d3025ca700ef474499daf7e418
4770f3dcd578f18a061c8705062bad7e959f3747f5c772749ccff4d63969480f
48051e4b1aa3d6ed46f83b00f861735ae4b367785242a14882c420143401288e
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
505864f9436def05580211dd30d70e6c5dfd59b7c3b65a900687004174e25975
531fbda844b990069641d226e2dfd9757dac3f59118077a96b1775ceb882be69
53c27b51fbe75ac10fa50e1d74506eb92c2ba81014abeee79042db03ed06a64f
546f51b3ea22ede0d5ed26f7686f15bdbd300c066497554511de916b813437ed
555b00b8ddcfc2b475efedffa5d833138f6bb25cb7323c12b769085c56c51562
581d0975297fd9b7d3a036c32225c5235bf6a0f17d59eb38ca545ede64bbdfa1
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61897b67e4ea870cfd90b2ec505005298f8e319b15f695547628a5e4635adac1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6cdd9ff0d35d7ccf8e2092985f761c9a06fc2126fd3caceed43adfac938a1a83
6d17b23bd085ec78f7c0b3b32343d0326e59a88f523931d3af6d2c95fbb92bf1
6f57feb703cd91f4470fb5fb3379169773f4b70dbb41153dd8e52003567aa2f5
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
70554c2d93e8efdc9713fd11ea89beb7408a9124fa92d5c97a086f9257a4dfa1
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
7187ff1c53713a374a7946b2fc1683da10f623719082dba6d36f150e326527f1
724d7b74367497bb10c46d55c5490246031ae83559b82b20d6199508674b8202
73a7921122fa30497bb9ea8876729730962517e42986127e147b5d568d8ffe87
7688fdaa8d81f75b756dc28573cb3ae1259bc5d0b4cdeaebae1c7eb6adaf2177
772e2829664d6a5ecd75824c63e6491160e5b7e207b09a79b9e9168bfc218e86
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15
7c05d87cddac82dccccaca711709ec9a878f42fe40864ae4b83f37207bb9356e
7da761b03d01e70b429f611776670b9201d942249a07b3614048667da1ecb9e9
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
822f142bd39b370c21d7d140512b75f804c6626ee55cb3372ac1df62f55c2f2f
83e22c7cf960bf9c41b1a84342654ce7ec8bc48c155b01b5c021fea6628c5b86
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855839438132396c37a8a9a8cdcaf9a719ff41c0e31e77aed0bb95c0994d8d39
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8793b92fe6f13e00f4d813ccf11376c4ef447b4e03ef32b5d67ebd0ee3eb1566
88876f6627eed8149d59d1c99b86ec067acb99904d2be968045c4ecf3440306d
88a4df55742ae4f4d4b565dd8bc4f975fd75018ea015e38d55abd7961a1f0b42
8a2cdd0468e17f7a548dd21640dcadd36c104fda3ba47093ffa0e90faad22c52
8bd559dad13382260ef019f6a0807b9dd746bd6738a93bcbc77929041e0bb5f7
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9890b523125c63685ab6e157e022072740363afb75a023b694cec0b986a25481
98d5b94ad982f5b661dec9718e5881d3d3399fd0c3a02b334af8905c5e773783
9b830dae23c36b1d66772f3847d623c4913dd895a8eb6e4b3f3aecc413e6de38
9bc944e500913254fe1612177d2ce9be6def51ea97ec231924aa22722ef3974a
9fb0649aa8a3c34cc59cb47e2ce5637d966466799e24003960939dbb679a2c25
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a2de1ffe42871dbd7ab4adc416dd748b02273bd68e43255631d8e4fad6330045
a884bfd027efb4d6d028140f6af4ee69c0158f184e18c81b5503e90b6c46a313
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aac352c5c459c6ca2a51da49341a0943392bc8db78754e373fd1dc84a262137b
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
aaee59c6d4738bad555f0286b166e6cc47e6f6b90bc30e2c7f17e9f7a77237da
abc7d329823f6916679b9cf735e8d9dcade4ec3faf23ed2369af10426c77b21c
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ad13b47e151dbc7cd32bf357d0c385505f6b81c67cc1f3c278b12db44dd1b233
af54c50c8c81bb5de6f8460e58f66372a414cf89628038ef7afc9dd3f49bf50e
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0d91721ec5e000f92b520e7369c11d6a8e5150e40f2281dd017bc447766b90b
b148eae8f79297bd0c52cc41bca3d296bf903129417be6e0552917f76a101125
b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25
b6b54686d73941246bd7d98dbc2b4424addbd03ad27a4760e3ee8a6b9224fb6d
b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08
b71e0b91bb78f2581919fa841f0f95eb16a779634c19252e98f83f85af27bb71
b890389bba46b5cb9ab3ef067e3fc74ba65b22b9041ba801094da6d5d5a55707
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bab22186537ad5a89baa121be57158c42b396697f9097b653756326dbe9d8740
bb1da869f11de5f6d41770efeafe33cb06aa4540f13ce665a29aefcf0fe5cdad
bb7e9dcf46c3e28648a9eefe825726629633a1ca87f1a040c310dc3a28ea6cc1
bcac8e070cef88482efa6b9e8ce07f9bee07000a6002a0d70e264f08ae325c48
bf7bfd77650d6654485d4b7db32d9fc83e7e6e37a884f91d8eb4376e82e33fd2
c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
c67b269c17240c6a06dc1e095b2e3117bf36707dc5574bce3257a96b89792f82
c89451724551f4cef5a5cb28a911708fc515628d67d00e5722e81dd954f9e947
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa6cbe8313da648d397efe4f7c5cf4d4e2c2ef3efd1b513390460e9135b918c
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d14382d0bc86ecb1eccae9e8ed903432986d6e8d572f16fe1b0903717a5e5e8e
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
d704fd8e2edeac94ec7ddd4f4860ba4ab87ba17bd09a8b1e978479ca1958142c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7fee305e00cdf2564b19f2ce784e9b7ea43e2f0d31b974f2a3573b1b72ffca5
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de7d6cdc020a48854c99b477489fe085d275885f9d32f88e378d98842b69cfe9
dfa30bef858d9b58704aa4d687d08f6dad4cfedd474dd7ad3cf042fba9cc80f8
e058e804f6e2fe27de8d47a3cd978484ee8edb51c38e42bd497084198ef130c7
e1d8730347537478b70a1be17394e1ef0bdffce6ba082c43eafd663b378d9834
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43b041053963b1017d88e4460ec61019b53858148212bbae6620b42207d088e
e7619746f6490749626842ab49718b1dd431510d90b13b474f80685e206a5f84
e85c96975ada9e742e0c39ae4514eca0002dd691af8bc9985b520075448eb3de
ea244e36aaf57e1b5e4273993ff5d429fa701fd1b4656503d24ab8d508906166
edef50249e07dc2294a3cd935406711364219584c88d2f72e9cc918bb61b0001
ee00d65fd381aebe346da42bfd55169ea32a5a7cc98e50af6e6b7b95a1280093
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eeec769c5ce874a4f0f37d7b3790ad205a78dc635701ecc968b0eb82d429aaf6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5b36ccbdec33b7bce73a0ecd576dce20937cedf180223bd4eb52e5a8168a46
efa50f84be24d2b5f9e1ccb57fdf442aa6768ca2be24cc49e7c0f7c4294b0551
f061dc83eff4c743eb76435eb70639887dad14cbe118413a40ba68e6e3be1890
f1af6992bebea78e3ed86b82b5952b3c0f6aa5b7d0a8b5c7edfdc83032953b80
f216dfe62fa58129158379a536d4a2cff716c4941d219221b06c20f353ac13c0
f54f5520fff3867ff9afe8c1f9ce56f228704e69cb49c254657f9f2db04c0ad3
f74692759fd3939b88cbe8ae4d72c7c0fbab3913d039a619c30977007eaa49ee
fe3352c430ce879630107f9fe7529f8cea2f12848ff43c69c4a9c15bdf19387c
ff90a7645bd6b34292930e3c5e85313feabe1b2a40783b58d09fa238fd05d702

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4a8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

215 Requests

100 %HTTPS

56 %IPv6

44 Domains

67 Subdomains

56 IPs

8 Countries

13602 kBTransfer

19826 kBSize

6 Cookies

29 Outgoing links

Page URL History

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

100 %
HTTPS

56 %
IPv6

44
Domains

67
Subdomains

56
IPs

8
Countries

13602 kB
Transfer

19826 kB
Size

6
Cookies

215 HTTP transactions
5 data transactions