Submitted URL: http://beforeitsnews.com/
Effective URL: https://beforeitsnews.com/
Submission: On December 20 via api from GB

Summary

This website contacted 57 IPs in 8 countries across 52 domains to perform 183 HTTP transactions. The main IP is 2606:4700:10::ac43:e6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.
This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 56 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
4 52.216.16.179 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
1 104.18.64.15 13335 (CLOUDFLAR...)
5 185.59.220.193 60068 (CDN77)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 81.19.215.5 25369 (BANDWIDTH-AS)
1 151.101.14.2 54113 (FASTLY)
1 168.62.40.228 8075 (MICROSOFT...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 35.226.130.62 15169 (GOOGLE)
1 213.138.111.133 35425 (BYTEMARK-AS)
1 45.79.195.246 63949 (LINODE-AP...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:207... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
21 104.19.132.78 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21c... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:220... 16509 (AMAZON-02)
1 18.194.149.70 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 23.37.42.132 16625 (AKAMAI-AS)
1 104.16.221.74 13335 (CLOUDFLAR...)
1 1 172.217.22.66 15169 (GOOGLE)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
5 5 35.157.252.59 16509 (AMAZON-02)
2 2 193.232.148.160 48061 (UMA-TECH-AS)
1 178.162.133.149 60781 (LEASEWEB-...)
1 104.19.216.61 13335 (CLOUDFLAR...)
2 2 54.216.123.169 16509 (AMAZON-02)
6 18.202.41.158 16509 (AMAZON-02)
1 151.139.242.29 33438 (HIGHWINDS2)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.154.142.214 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 45.33.2.97 63949 (LINODE-AP...)
1 204.13.239.203 55106 (DATACATE-AS1)
9 151.139.128.11 20446 (HIGHWINDS3)
1 192.0.77.48 2635 (AUTOMATTIC)
1 205.185.216.42 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.72.28 2635 (AUTOMATTIC)
1 192.124.249.6 30148 (SUCURI-SEC)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.124.249.17 30148 (SUCURI-SEC)
1 2600:9000:209... 16509 (AMAZON-02)
183 57
Apex Domain
Subdomains
Transfer
56 beforeitsnews.com
beforeitsnews.com
1 MB
21 mgid.com
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
217 KB
14 revcontent.com
trends.revcontent.com
cdn.revcontent.com
images.revcontent.com
339 KB
14 youtube.com
img.youtube.com
www.youtube.com
318 KB
9 googleapis.com
fonts.googleapis.com
translate.googleapis.com
www.googleapis.com
101 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
62 KB
6 ytimg.com
i.ytimg.com
580 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 bitchute.com
static-3.bitchute.com
188 KB
4 amazonaws.com
s3.amazonaws.com
404 KB
3 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
1 KB
3 sharethis.com
platform-api.sharethis.com
buttons-config.sharethis.com
l.sharethis.com
33 KB
3 google.com
translate.google.com
www.google.com
2 KB
3 jamesredpillsamerica.com
jamesredpillsamerica.com
35 MB
2 lockerdome.com
lockerdome.com
2 adsrvr.org
match.adsrvr.org
904 B
2 adhigh.net
px.adhigh.net
935 B
2 creativecdn.com
creativecdn.com
ams.creativecdn.com
691 B
2 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
279 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 rddywd.com
rddywd.com
1 KB
1 fineartamerica.com
images.fineartamerica.com
85 KB
1 gellerreport.com
gellerreport.com
16 KB
1 naturalblaze.com
www.naturalblaze.com
71 KB
1 stateofthenation.co
stateofthenation.co
193 KB
1 wordpress.com
pterosaurheresies.files.wordpress.com
51 KB
1 blogspot.com
1.bp.blogspot.com
16 KB
1 townhall.com
media.townhall.com
62 KB
1 w.org
s.w.org
814 B
1 theepochtimes.com
img.theepochtimes.com
37 KB
1 jetnation.com
www.jetnation.com
45 KB
1 postaffiliatepro.com
herbanomics.postaffiliatepro.com
1 MB
1 onesignal.com
cdn.onesignal.com
3 KB
1 lockerdomecdn.com
cdn2.lockerdomecdn.com
3 KB
1 lentainform.com
cm.lentainform.com
622 B
1 sonobi.com
sync.go.sonobi.com
532 B
1 idealmedia.io
cm.idealmedia.io
556 B
1 google.de
www.google.de
107 B
1 consensu.org
c.sharethis.mgr.consensu.org
1 googlesyndication.com
pagead2.googlesyndication.com
47 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
1 rumormillnews.com
www.rumormillnews.com
699 KB
1 dancebase.co.uk
www.dancebase.co.uk
73 KB
1 tntrafficticket.us
tntrafficticket.us
1 MB
1 thebl.com
m.thebl.com
295 KB
1 stripes.com
www.stripes.com
132 KB
1 giphy.com
media0.giphy.com
1 MB
1 morningstar.ng
www.morningstar.ng
8 KB
1 iili.io
iili.io
235 KB
1 girlsaskguys.com
cf.girlsaskguys.com
511 KB
1 imgflip.com
i.imgflip.com
142 KB
1 wikimedia.org
upload.wikimedia.org
14 KB
183 52
Domain Requested by
56 beforeitsnews.com 1 redirects beforeitsnews.com
12 img.youtube.com beforeitsnews.com
10 s-img.mgid.com beforeitsnews.com
6 images.revcontent.com beforeitsnews.com
6 trends.revcontent.com beforeitsnews.com
trends.revcontent.com
cdn.revcontent.com
6 cm.mgid.com jsc.mgid.com
beforeitsnews.com
6 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
beforeitsnews.com
6 i.ytimg.com beforeitsnews.com
5 x.bidswitch.net 5 redirects
5 fonts.gstatic.com fonts.googleapis.com
beforeitsnews.com
5 static-3.bitchute.com beforeitsnews.com
4 s3.amazonaws.com beforeitsnews.com
3 jamesredpillsamerica.com beforeitsnews.com
2 cdn.revcontent.com beforeitsnews.com
2 www.youtube.com beforeitsnews.com
2 lockerdome.com cdn2.lockerdomecdn.com
2 match.adsrvr.org 2 redirects
2 px.adhigh.net 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 servicer.mgid.com jsc.mgid.com
2 www.google.com beforeitsnews.com
2 www.gstatic.com translate.googleapis.com
beforeitsnews.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 rddywd.com beforeitsnews.com
2 jsc.mgid.com beforeitsnews.com
2 fonts.googleapis.com beforeitsnews.com
1 images.fineartamerica.com
1 gellerreport.com
1 www.naturalblaze.com
1 stateofthenation.co
1 pterosaurheresies.files.wordpress.com
1 1.bp.blogspot.com
1 media.townhall.com
1 s.w.org
1 img.theepochtimes.com
1 www.jetnation.com
1 herbanomics.postaffiliatepro.com
1 cdn.onesignal.com beforeitsnews.com
1 cdn2.lockerdomecdn.com beforeitsnews.com
1 cm.lentainform.com beforeitsnews.com
1 sync.go.sonobi.com beforeitsnews.com
1 ams.creativecdn.com 1 redirects
1 creativecdn.com 1 redirects
1 cm.idealmedia.io beforeitsnews.com
1 eus.rubiconproject.com cm.mgid.com
1 secure-assets.rubiconproject.com 1 redirects
1 www.google.de beforeitsnews.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.mgid.com beforeitsnews.com
1 l.sharethis.com platform-api.sharethis.com
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 www.googleapis.com beforeitsnews.com
1 pagead2.googlesyndication.com beforeitsnews.com
1 platform-api.sharethis.com beforeitsnews.com
1 translate.google.com beforeitsnews.com
1 www.googletagmanager.com beforeitsnews.com
1 www.rumormillnews.com beforeitsnews.com
1 www.dancebase.co.uk beforeitsnews.com
1 tntrafficticket.us beforeitsnews.com
1 m.thebl.com beforeitsnews.com
1 www.stripes.com beforeitsnews.com
1 media0.giphy.com beforeitsnews.com
1 www.morningstar.ng beforeitsnews.com
1 iili.io beforeitsnews.com
1 cf.girlsaskguys.com beforeitsnews.com
1 i.imgflip.com beforeitsnews.com
1 upload.wikimedia.org beforeitsnews.com
183 68
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-15 -
2021-07-15
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2020-08-04 -
2021-08-09
a year crt.sh
edgestatic.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.wikipedia.org
DigiCert SHA2 High Assurance Server CA
2020-11-09 -
2021-11-16
a year crt.sh
static-3.bitchute.com
Let's Encrypt Authority X3
2020-11-24 -
2021-02-22
3 months crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-12-02 -
2021-04-23
5 months crt.sh
*.stripes.com
DigiCert SHA2 Secure Server CA
2020-08-21 -
2021-09-22
a year crt.sh
tntrafficticket.us
Let's Encrypt Authority X3
2020-10-27 -
2021-01-25
3 months crt.sh
dancebase.co.uk
Sectigo RSA Domain Validation Secure Server CA
2019-09-15 -
2021-09-29
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
sharethis.com
Amazon
2020-08-17 -
2021-09-16
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
sharethis.mgr.consensu.org
Amazon
2020-05-05 -
2021-06-05
a year crt.sh
www.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-02-13 -
2021-02-17
2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2019-02-01 -
2021-02-04
2 years crt.sh
revcontent.com
Amazon
2020-07-08 -
2021-08-08
a year crt.sh
cdn2.lockerdomecdn.com
Go Daddy Secure Certificate Authority - G2
2019-03-06 -
2021-05-05
2 years crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2
2020-09-27 -
2021-10-29
a year crt.sh
*.postaffiliatepro.com
RapidSSL RSA CA 2018
2019-09-16 -
2021-09-26
2 years crt.sh
forums.jetnation.com
R3
2020-12-03 -
2021-03-03
3 months crt.sh
*.theepochtimes.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2022-06-01
2 years crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA
2019-12-19 -
2021-12-18
2 years crt.sh
*.townhall.com
Sectigo RSA Domain Validation Secure Server CA
2019-02-21 -
2021-02-20
2 years crt.sh
misc-sni.blogspot.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA
2019-01-15 -
2021-01-14
2 years crt.sh
gellerreport.com
Go Daddy Secure Certificate Authority - G2
2020-05-13 -
2021-05-13
a year crt.sh
cdn.revcontent.com
Sectigo ECC Domain Validation Secure Server CA
2020-11-15 -
2021-02-13
3 months crt.sh
images.revcontent.com
Sectigo ECC Domain Validation Secure Server CA
2020-11-15 -
2021-02-13
3 months crt.sh

This page contains 12 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 8FD8E26A18D3049E357080CD608ABAC3
Requests: 170 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Frame ID: 2151E2B6130C12E541A6EB2DE4E4AF3D
Requests: 5 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020112020
Frame ID: 263C0EBE1896CD90AAC05BD90BD100F0
Requests: 2 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 12D59A6717617D8552A5BBC9B97C472E
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 92E7C0CA105F25AA8E9E8E20CAAA3C56
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 5ACBF0BCF77A67277347D186A437577C
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1608495449679335494839
Frame ID: EE2644E77D62E89C9DB6961F3D863C4E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 8F55E275008819DE0E6C8B22F09D9B3D
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: AD5566A2977E671A1B0D1027FE26933A
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 83F79968E91F8211376C62AFFF8C7D95
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hdSplGl0fj4?rel=0&autoplay=0&mute=0
Frame ID: EA1AB4865D99BFFCDE91DADCA68BC665
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YHaSsqT6kf0?rel=0&autoplay=0&mute=0
Frame ID: BBD31EA11A25C5343E767EF7CC8C71FD
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://beforeitsnews.com/ HTTP 301
    https://beforeitsnews.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

183
Requests

98 %
HTTPS

49 %
IPv6

52
Domains

68
Subdomains

57
IPs

8
Countries

45529 kB
Transfer

46815 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://beforeitsnews.com/ HTTP 301
    https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2JrdEZPdjA5ZGhj&muidn=kbktFOv09dhc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2JrdEZPdjA5ZGhj&muidn=kbktFOv09dhc&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=kbktFOv09dhc&google_ula={guid},5&google_gid=CAESENBIqfESI-CyAjdQJZAAjyE&google_cver=1
Request Chain 125
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=R1e34WdPwk0rNf2RXiwI&pi=mgid&tc=1
Request Chain 126
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid HTTP 302
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=e31SSwxW4XX.AikABlF2gczIKg&expires=30&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 127
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=kbktFOv09dhc HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kbktFOv09dhc HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6
Request Chain 129
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=f4d65c47-c738-4e1a-955a-38ca3da5b4ac&ttl=1611087450
Request Chain 152
  • http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg HTTP 307
  • https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg
Request Chain 153
  • http://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg HTTP 307
  • https://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg
Request Chain 158
  • http://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg HTTP 307
  • https://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg
Request Chain 159
  • http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg HTTP 307
  • https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg
Request Chain 162
  • http://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg HTTP 307
  • https://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg
Request Chain 169
  • http://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg HTTP 307
  • https://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg
Request Chain 171
  • http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg HTTP 307
  • https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg

183 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
beforeitsnews.com/
Redirect Chain
  • http://beforeitsnews.com/
  • https://beforeitsnews.com/
119 KB
24 KB
Document
General
Full URL
https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
217e9091d2fdc535b6bd04ca61b1758b51088f194076f39c6693d4b3aa37dd83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
beforeitsnews.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db60e75ff07b459ba5b86a1b7394a85471608495448; expires=Tue, 19-Jan-21 20:17:28 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s2; path=/
cf-ray
604c0c066de02b71-FRA
cache-control
private
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
072365d80100002b7109b9e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
server
cloudflare
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Sun, 20 Dec 2020 20:17:28 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 20 Dec 2020 21:17:28 GMT
Location
https://beforeitsnews.com/
cf-request-id
072365d7dc0000d6b54f23a000000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
604c0c062a53d6b5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js
beforeitsnews.com/cdn-cgi/apps/head/
4 KB
2 KB
Script
General
Full URL
https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
cf-cache-status
HIT
age
3867133
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
AB18BC6BF0FB0D2C
x-amz-id-2
o33nsy79jaxjzlm6YbiGwCyHVKEwARoHWK/ibbFB8jKIM8eMUjnL/zr8m1IG+i0Brjh+NHXUp7g=
last-modified
Fri, 09 Oct 2020 17:38:05 GMT
server
cloudflare
etag
W/"165501590067c5189e81c831f77f81ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
tjjN.jFT95DY_pkhk6.cTP9tpZK602Ny
cf-request-id
072365da9000002b716b09b000000001
cf-ray
604c0c0a89ce2b71-FRA
css
fonts.googleapis.com/
3 KB
713 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79ea20c2453d614642047c888d9a9abe70f74839a3ab9f6f3450441f0d6d9042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Dec 2020 20:17:28 GMT
server
ESF
date
Sun, 20 Dec 2020 20:17:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Dec 2020 20:17:28 GMT
global-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/
15 KB
3 KB
Stylesheet
General
Full URL
https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb3c8e6d8177ed58739c0338a0de6acb391d0f0a857f0a351a99482061137455
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
355289
cf-polished
origSize=15622
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365da8f00002b711b17d000000001
last-modified
Sun, 15 Nov 2020 17:34:05 GMT
server
cloudflare
etag
W/"5fb1668d-3d06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c0a79c52b71-FRA
expires
Wed, 23 Dec 2020 17:35:59 GMT
fancybox-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/
8 KB
2 KB
Stylesheet
General
Full URL
https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20201116.css
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
323874
cf-polished
origSize=8029
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365da8f00002b713501f000000001
last-modified
Sun, 15 Nov 2020 17:34:05 GMT
server
cloudflare
etag
W/"5fb1668d-1f5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c0a79c82b71-FRA
expires
Thu, 24 Dec 2020 02:19:34 GMT
home-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/
28 KB
6 KB
Stylesheet
General
Full URL
https://beforeitsnews.com/static/css-v3/home-bin-rev-20201116.css
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6c4dae8dc680a4595921bae7b66ab8bede58bee181a639464d14d1e780ddf5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
355286
cf-polished
origSize=28775
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365da9000002b71602e3000000001
last-modified
Sun, 15 Nov 2020 17:34:05 GMT
server
cloudflare
etag
W/"5fb1668d-7067"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c0a79ca2b71-FRA
expires
Wed, 23 Dec 2020 17:36:02 GMT
responsive-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/
20 KB
3 KB
Stylesheet
General
Full URL
https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20201116.css
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab8d3ab886ebd79b8127eb85c077b40f7c5e92fb28da6526aa421188910c793
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
322973
cf-polished
origSize=20164
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365da9000002b7106172000000001
last-modified
Sun, 15 Nov 2020 17:34:05 GMT
server
cloudflare
etag
W/"5fb1668d-4ec4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c0a79cb2b71-FRA
expires
Thu, 24 Dec 2020 02:34:35 GMT
jquery-fancybox-mobiledetect-uuid.js
beforeitsnews.com/static/js-v3/
146 KB
54 KB
Script
General
Full URL
https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1346052
cf-polished
origSize=149701
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365da9000002b712397b000000001
last-modified
Tue, 13 Aug 2019 07:42:38 GMT
server
cloudflare
etag
W/"5d5269ee-248c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c0a89d32b71-FRA
expires
Sat, 12 Dec 2020 06:23:16 GMT
global-bin-rev-20201116.js
beforeitsnews.com/static/js-v3/
19 KB
5 KB
Script
General
Full URL
https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff943bf582a2b6018789b174549a271cec3f8e9eca1a0375452bc9f32d38e140
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
355289
cf-polished
origSize=19654
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365da9300002b714024c000000001
last-modified
Sun, 15 Nov 2020 17:33:23 GMT
server
cloudflare
etag
W/"5fb16663-4cc6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c0a89d42b71-FRA
expires
Wed, 23 Dec 2020 17:35:59 GMT
top-logo.png
beforeitsnews.com/img/v3/
2 KB
2 KB
Image
General
Full URL
https://beforeitsnews.com/img/v3/top-logo.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
235327
cf-polished
origFmt=png, origSize=2219
content-disposition
inline; filename="top-logo.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1886
cf-request-id
072365dae100002b715821e000000001
last-modified
Mon, 18 Jun 2018 21:28:42 GMT
server
cloudflare
etag
"5b28240a-8ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b642b71-FRA
expires
Sat, 18 Dec 2021 02:55:21 GMT
hqdefault.jpg
img.youtube.com/vi/hdSplGl0fj4/
20 KB
21 KB
Image
General
Full URL
https://img.youtube.com/vi/hdSplGl0fj4/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb60bec727121d5594d984f8313dc70aac2ba35e977d9db9030e2402c3515a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:14:11 GMT
x-content-type-options
nosniff
server
sffe
age
197
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20966
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:19:11 GMT
hqdefault.jpg
img.youtube.com/vi/YHaSsqT6kf0/
24 KB
24 KB
Image
General
Full URL
https://img.youtube.com/vi/YHaSsqT6kf0/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8286ea3b6cc5ae49e5a9f5c3f76cdcfb6433e338f85a03cfd9a0bbbd914a82f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:14:11 GMT
x-content-type-options
nosniff
server
sffe
age
197
etag
"1608390667"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24311
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:19:11 GMT
1684f51f-5c1e-4e72-8a78-d276b8d4d1ed
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/
23 KB
23 KB
Image
General
Full URL
https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/1684f51f-5c1e-4e72-8a78-d276b8d4d1ed
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.16.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6a913174f23ae7ddee498f45566d9ebb0544343afe5d486bb3f7f6ce6eaa6d49

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:30 GMT
Last-Modified
Sun, 20 Dec 2020 12:35:44 GMT
Server
AmazonS3
x-amz-request-id
AP1WCS2PCRAMEN4P
ETag
"a86758da120cde5096ed00fbf07876c7"
x-amz-meta-optimized
true
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
23336
x-amz-id-2
Iqu1B/inAsPHBkuau/gCqcWuqx5+ghGKHsBseIDHQ2rtTxLormmD3TI7EG//ae75f2fjop0IRO0=
JFK-911.gif
jamesredpillsamerica.com/images/
34 MB
34 MB
Image
General
Full URL
https://jamesredpillsamerica.com/images/JFK-911.gif
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:1cf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1c5ca09f2fe63aa454e4f33337f32024dd0191adfe2316321aca763d9b12267

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
104280
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
35171027
cf-request-id
072365dafb00002b225aa48000000001
last-modified
Sat, 19 Dec 2020 15:12:57 GMT
server
cloudflare
etag
"5fde1879-218aad3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pUGA2myjKgSZE7xgDPtAv13HEbL9gaS3BUvUnclZtArLBSpGlm0dyekrPYqfN%2BWZcv%2FIlEkxPikaYq%2FvLMjsCgGnYVg7XilHEFnu6DC7dvYUyu1fQPstim4hDQUuNrDq7uUHbLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
604c0c0b28892b22-FRA
expires
Sun, 19 Dec 2021 15:19:32 GMT
hqdefault.jpg
i.ytimg.com/vi/xINeL_wF7Qk/
14 KB
14 KB
Image
General
Full URL
https://i.ytimg.com/vi/xINeL_wF7Qk/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18f19bd3e00fe8248d8c715e257c2ceab27f19092344b6a16d6f0636cad76131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:13:37 GMT
x-content-type-options
nosniff
server
sffe
age
231
etag
"1608335358"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13852
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:18:37 GMT
220px-President_Donald_Trump_and_Lin_Wood.jpg
upload.wikimedia.org/wikipedia/commons/thumb/6/6f/President_Donald_Trump_and_Lin_Wood.jpg/
14 KB
14 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/6/6f/President_Donald_Trump_and_Lin_Wood.jpg/220px-President_Donald_Trump_and_Lin_Wood.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
c7713f7108560b28c40f0e7fcd50f5ce1ffe3db8ab45724c79efa0c56c03ce07
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 15:52:59 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
15870
x-cache-status
hit-front
x-cache
cp3065 hit, cp3063 hit/306
server-timing
cache;desc="hit-front"
content-length
14178
x-client-ip
2a01:4f8:192:5414::2
last-modified
Thu, 01 Oct 2020 02:12:14 GMT
server
ATS/8.0.8
etag
e31562119bf2a2c22a7a595edfe011dd
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
x-timestamp
1601518333.46914
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
OIP%20(9)(1).jpg
beforeitsnews.com/contributor/upload/106013/images/
25 KB
26 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/OIP%20(9)(1).jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9efff5970b479d5a02f300e10b15f5529c38c10a19906a1ac900484581f30e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
80709
cf-polished
origSize=27585, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25993
cf-request-id
072365dae200002b713cb8b000000001
last-modified
Sat, 19 Dec 2020 21:48:38 GMT
server
cloudflare
etag
"5fde7536-6bc1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b6a2b71-FRA
expires
Sun, 19 Dec 2021 21:52:18 GMT
EVIL.jpg
jamesredpillsamerica.com/images/
538 KB
540 KB
Image
General
Full URL
https://jamesredpillsamerica.com/images/EVIL.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:1cf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f0e80aa16c0703f0454dbf4b88664fd7fac80466a92f455559c77b57f80f4c

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5950
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
551262
cf-request-id
072365dafc00002b2246890000000001
last-modified
Sun, 20 Dec 2020 18:34:28 GMT
server
cloudflare
etag
"5fdf9934-8695e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5VhqZ0cMPbyJ6NzINSieRqY1shGNN7hWlY7UVGpc5y7qysEnO7DrFKv9TzpYpifBjAX6Mps1r90VLJgzEvhnuZX7dHffBv29we8moO1RNB3NwuUm3slKajnQKeX3qaLymo3Iheo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
604c0c0b288b2b22-FRA
expires
Mon, 20 Dec 2021 18:38:21 GMT
800a1d99-a10a-46fa-9810-496777c27952
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/
23 KB
23 KB
Image
General
Full URL
https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/800a1d99-a10a-46fa-9810-496777c27952
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.16.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c45b1eec80e5b5d7f5db645c857a91d38160f5985214f5c0f0662236c4e5a513

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:30 GMT
Last-Modified
Sat, 19 Dec 2020 15:40:52 GMT
Server
AmazonS3
x-amz-request-id
BW3Z6R9KAK9YDQ3T
ETag
"998a713655eb77dd96bc6f922f28a39c"
x-amz-meta-optimized
true
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
23294
x-amz-id-2
MkEFGhaColgqk4ozQYEzHs7nzL+/A1V4hyF/HFIIP8527ukvExUqjOcHA87Czp3Xpt1EdrTwU10=
Gates_Fauci_NWO_Virus.png
beforeitsnews.com/contributor/upload/713008/images/
59 KB
59 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/713008/images/Gates_Fauci_NWO_Virus.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ffb67ad8dc98a3891ae39f32c274b98e9b9ce7e96c1cb99468c16119b82d02e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
140844
cf-polished
origFmt=png, origSize=69729
content-disposition
inline; filename="Gates_Fauci_NWO_Virus.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60352
cf-request-id
072365dae300002b7102232000000001
last-modified
Sat, 19 Dec 2020 05:02:58 GMT
server
cloudflare
etag
"5fdd8982-11061"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b6c2b71-FRA
expires
Sun, 19 Dec 2021 05:10:04 GMT
Simon_Park%20.png
beforeitsnews.com/contributor/upload/713008/images/
72 KB
73 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/713008/images/Simon_Park%20.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3fded1f2cf2fb3e7347408392b688efc920047702435afc9d17244e802496f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
96210
cf-polished
origFmt=png, origSize=89541
content-disposition
inline; filename="Simon_Park%20.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74138
cf-request-id
072365dae200002b7143b77000000001
last-modified
Sat, 19 Dec 2020 17:28:55 GMT
server
cloudflare
etag
"5fde3857-15dc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b702b71-FRA
expires
Sun, 19 Dec 2021 17:33:58 GMT
hqdefault.jpg
img.youtube.com/vi/khpT_TVbmyc/
35 KB
35 KB
Image
General
Full URL
https://img.youtube.com/vi/khpT_TVbmyc/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fad8c9f03c024d5b95c3503270dad839a5b3805c8f6cc32e013feb29890e31e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:14:11 GMT
x-content-type-options
nosniff
server
sffe
age
197
etag
"1608477120"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36065
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:19:11 GMT
4r34ss.jpg
i.imgflip.com/
142 KB
142 KB
Image
General
Full URL
https://i.imgflip.com/4r34ss.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965c26cebd0d53bf6221be5b8ac482fc7cf532c099fee646afa5b6afc07ce51

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
cf-cache-status
HIT
age
13144
cf-polished
origSize=145988
cf-ray
604c0c0b7ed81d0e-CPH
content-length
145030
x-amz-id-2
yK89yLNUue1KYOrxuRgKo0hlPxtvAJa8ypWds6tVnKpetpzVLJYmEDh6XTXY8Zd8oY3OAUOE5Xw=
last-modified
Sun, 20 Dec 2020 16:28:10 GMT
server
cloudflare
etag
"ce2e937b1464e69fb3c0cffd09687640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
02C7F107D290F51B
access-control-allow-origin
*
expires
Wed, 18 Dec 2030 20:17:28 GMT
cache-control
public, max-age=315360000
cf-request-id
072365db2a00001d0e37aad000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
imgq:100,h2pri
maxresdefault.jpg
i.ytimg.com/vi/HXyIehh2oI8/
170 KB
170 KB
Image
General
Full URL
https://i.ytimg.com/vi/HXyIehh2oI8/maxresdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4c604a41fcbff202d58a5849f90896ce094a515b46afd1133442ad96dd7f2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:13:37 GMT
x-content-type-options
nosniff
server
sffe
age
231
etag
"1608228753"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
173891
x-xss-protection
0
expires
Sun, 20 Dec 2020 22:13:37 GMT
ed6e6b96-d520-40ec-b3ef-f48526dcb963
s3.amazonaws.com/webseed-realvideo-thumbnail/poster/
117 KB
118 KB
Image
General
Full URL
https://s3.amazonaws.com/webseed-realvideo-thumbnail/poster/ed6e6b96-d520-40ec-b3ef-f48526dcb963
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.16.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
42ad5e7034d51439f53541b9f772f5e4ef07b085f1e5cdc381b01872a02d131f

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:30 GMT
Last-Modified
Thu, 17 Dec 2020 19:24:46 GMT
Server
AmazonS3
x-amz-request-id
78E610F812B06460
ETag
"3224059a7e73923be36032e3f47e109e"
x-amz-meta-optimized
true
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
120113
x-amz-id-2
dFw3gf1mS8PRyP2sieZnF3XGuH83LGh+3royRYc+a4Ado1lx1XF05P9Se6LrhntyrrIqdghpwLs=
S44dJjxDTuNZ_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/
35 KB
35 KB
Image
General
Full URL
https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/S44dJjxDTuNZ_640x360.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-185-59-220-193.datapacket.com
Software
BunnyCDN-DE1-601 /
Resource Hash
076a94b81494d3391aef8d653126cf909d60999aec689ee2a1b4c048d042948a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid
632
x-amz-request-id
tx000000000000006aa0217-005fde8094-43b55da-nyc3a
cdn-cachedat
2020-12-19 23:37:08
cdn-pullzone
89010
content-length
35520
last-modified
Sat, 19 Dec 2020 22:30:53 GMT
server
BunnyCDN-DE1-601
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control
public, max-age=31919000
cdn-requestid
b6f2abc047d7d31cf58fef46798bbf35
accept-ranges
bytes
cdn-requestcountrycode
DK
WARRIORS.jpg
jamesredpillsamerica.com/images/
773 KB
774 KB
Image
General
Full URL
https://jamesredpillsamerica.com/images/WARRIORS.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:1cf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7dc2b9d1e9e9562ceb6ff721a7ff6a07fe97816074bc58ce14ce16a61aaf07

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
345724
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
791316
cf-request-id
072365db0a00002b222c0c7000000001
last-modified
Wed, 16 Dec 2020 19:58:28 GMT
server
cloudflare
etag
"5fda66e4-c1314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P5OEHw65Lh8CAmRpvOERPyGw9iW0TvS00RxSzH84FPsWYGxIvkoRD5YnPIvAlafKCcZn55Q8urh3xOKvNsQEJxvVyvpvfUqy93qQEnK8R7IKH4n%2FXeAxk6Og6peqPzoBY3M%2FGm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
604c0c0b48bf2b22-FRA
expires
Thu, 16 Dec 2021 20:15:28 GMT
HcvLo7oPXw0f_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/
31 KB
31 KB
Image
General
Full URL
https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/HcvLo7oPXw0f_640x360.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-185-59-220-193.datapacket.com
Software
BunnyCDN-DE1-601 /
Resource Hash
af030f5110b979cdb6088e157af646ed84fb48843cdf9003b5cbd652fca89f4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid
565
age
0
cdn-cachedat
2020-12-18 23:46:37
cdn-pullzone
89010
content-length
31538
x-amz-request-id
tx00000000000000617c899-005fdd314d-43b55da-nyc3a
last-modified
Fri, 18 Dec 2020 22:42:20 GMT
server
BunnyCDN-DE1-601
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control
public, max-age=31919000
cdn-requestid
2084d6e432aace5d7635498572cc8cf2
accept-ranges
bytes
cdn-requestcountrycode
DK
OIP%20(4)(5).jpg
beforeitsnews.com/contributor/upload/106013/images/
12 KB
12 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/OIP%20(4)(5).jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe20d0d93c6b8e49e75dcc575d4e7acb994a7b382077ecfa5eb363002fe9fca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
181211
cf-polished
origSize=13698, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12588
cf-request-id
072365dae200002b711d394000000001
last-modified
Fri, 18 Dec 2020 17:53:13 GMT
server
cloudflare
etag
"5fdcec89-3582"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b722b71-FRA
expires
Sat, 18 Dec 2021 17:57:17 GMT
201208_DrElkeFdeKlerk_onCovidVaccine.jpg
beforeitsnews.com/contributor/upload/418130/images/
49 KB
49 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/418130/images/201208_DrElkeFdeKlerk_onCovidVaccine.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7076ae1f2fdb36099390661d9b82ff46cb3b4256bd3f31160f959f2e87e425b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
238195
cf-polished
origFmt=jpeg, origSize=175491
content-disposition
inline; filename="201208_DrElkeFdeKlerk_onCovidVaccine.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49942
cf-request-id
072365dae300002b7107317000000001
last-modified
Wed, 16 Dec 2020 11:33:51 GMT
server
cloudflare
etag
"5fd9f09f-2ad83"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b752b71-FRA
expires
Sat, 18 Dec 2021 02:07:33 GMT
primary-share.png
cf.girlsaskguys.com/q4257705/
510 KB
511 KB
Image
General
Full URL
https://cf.girlsaskguys.com/q4257705/primary-share.png?69
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6e3ebaf6239b54e5814a5f4d16adecd07cd73642d10f9f5cf7190ae9b9c3d2

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
71167
cf-polished
origFmt=png, origSize=1971355
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
inline; filename="primary-share.webp"
content-length
521788
cf-request-id
072365db25000005f110358000000001
x-amz-meta-image-width
1200
x-amz-meta-image-height
630
last-modified
Tue, 11 Aug 2020 12:05:26 GMT
server
cloudflare
etag
"b6b379864fbbd817551c72809720e253"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FF0ec9dp%2BFeXM5Hp0eqgMzHzxzpbs0OmqdM47dR2iVTK0X6aC18z%2BEzBPbZkCw%2FC4IIXytrYG2WjXmTluXY3ohzF9LdSH0jO9LELLz8%2BQ%2Fv0zpr1nYeMGljTs7vrOzSI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
cf-ray
604c0c0b6d7105f1-FRA
x-amz-cf-id
6a5dU22F9lp4XD6kOn3WznIzdo7DkynbUR2i2GAwExsOjY0umHKG5g==
cf-bgj
imgq:85,h2pri
hqdefault.jpg
img.youtube.com/vi/_--2NFX6qbg/
9 KB
9 KB
Image
General
Full URL
https://img.youtube.com/vi/_--2NFX6qbg/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33848ec15971b15bb25dd1e42dd1abcfb0b521c8c1363e5ffd5da7804a38ccb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 19:28:32 GMT
x-content-type-options
nosniff
server
sffe
age
2936
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9259
x-xss-protection
0
expires
Sun, 20 Dec 2020 21:28:32 GMT
KYPUHF.png
iili.io/
235 KB
235 KB
Image
General
Full URL
https://iili.io/KYPUHF.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72c8257271d5ac677ab2c9ff8a29220a7128c639b73db95db9cf3ad03ef96f7c

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
access-control-allow-methods
GET, OPTIONS
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7171
content-length
240136
cf-request-id
072365db35000063dd901cd000000001
last-modified
Sun, 20 Dec 2020 18:06:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ps9%2B2WRqSyVt49uiacnmYbB3vArFj%2B68GJ6m0Yuanb5%2FfNYZ5fZeTDKxB%2Bp4oolcLR9lV4R9Eu0nXuYZZYN0CmflHvERNs6YfNgP5FC2J3S4dY4%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
604c0c0b8f3863dd-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
JESUS-IS-MISSING.jpg
www.morningstar.ng/wp-content/uploads/2016/11/
8 KB
8 KB
Image
General
Full URL
http://www.morningstar.ng/wp-content/uploads/2016/11/JESUS-IS-MISSING.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
81.19.215.5 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
delta.cloudns.io
Software
nginx /
Resource Hash
5abd1fc8bb2f006078e2cd79cabd76eeb26b4c6c9335fa27ab6c9aaa223fb178

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:29 GMT
Last-Modified
Fri, 11 Nov 2016 15:19:17 GMT
Server
nginx
Accept-Ranges
bytes
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, max-age=864000
X-Turbo-Charged-By
LiteSpeed
cluster-host
delta.cloudns.io
Content-Length
8065
Expires
Sun, 27 Dec 2020 20:17:29 GMT
giphy.gif
media0.giphy.com/media/HcmgjlrPVKr6w/
1 MB
1 MB
Image
General
Full URL
https://media0.giphy.com/media/HcmgjlrPVKr6w/giphy.gif
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1d10f374a222e7a7d724948597eac631b69416251cbad0396610788157a10b6
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
via
1.1 varnish, 1.1 varnish
age
629326
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
1278188
x-served-by
cache-bwi5126-BWI, cache-fra19182-FRA
last-modified
Fri, 23 Sep 2016 21:50:49 GMT
x-timer
S1608495449.023079,VS0,VE1
etag
"092cd842c5cc989adea79422cf894e4f"
strict-transport-security
max-age=86400
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1, 1
image.jpg
www.stripes.com/polopoly_fs/1.632291.1591206259!/image/image.jpg_gen/derivatives/landscape_900/
132 KB
132 KB
Image
General
Full URL
https://www.stripes.com/polopoly_fs/1.632291.1591206259!/image/image.jpg_gen/derivatives/landscape_900/image.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.62.40.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ARR/2.5, ASP.NET
Resource Hash
f58900c46838dd616dac2002cb511eac3c10753adc10a855073c883e0785f81c

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:28 GMT
Cache-Control
max-age=1209600
Last-Modified
Wed, 03 Jun 2020 17:50:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ARR/2.5, ASP.NET
Content-Length
135312
Content-Type
image/jpeg
captura1-1-687x366.png
m.thebl.com/wp-content/uploads/2020/12/
294 KB
295 KB
Image
General
Full URL
https://m.thebl.com/wp-content/uploads/2020/12/captura1-1-687x366.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9f4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c50101c34398597ac1ea3e5358ea9e1d801807b0317b4363252bd95193614ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
147285
strict-transport-security
max-age=63072000
content-length
301012
cf-request-id
072365db7a0000dfe7fd802000000001
last-modified
Tue, 01 Dec 2020 21:30:53 GMT
server
cloudflare
etag
"5fc6b60d-497d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gpART18%2F9wDLX%2BqDYZVeueoq9KeLPtTOl4eUxRl7axgdroZ25tON2KWxi9fPFNeQW7j%2BamC5Eee9tRBw0taTS1w0I9rknJEKMIiV13%2BwQLr%2F9olGdpwW%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
604c0c0bfe33dfe7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
R45f24f262ed5ae268c68f326a8855a7e.jpg
beforeitsnews.com/contributor/upload/106013/images/
32 KB
32 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/R45f24f262ed5ae268c68f326a8855a7e.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202592cabd88a9b1b38ecae8c933a78f9f39355ffc9b2f24aadd13eda9518a2a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
5733
cf-polished
origFmt=jpeg, origSize=86762
content-disposition
inline; filename="R45f24f262ed5ae268c68f326a8855a7e.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32636
cf-request-id
072365dae300002b712fbbc000000001
last-modified
Sun, 20 Dec 2020 18:39:19 GMT
server
cloudflare
etag
"5fdf9a57-152ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b762b71-FRA
expires
Mon, 20 Dec 2021 18:41:55 GMT
loading.gif
beforeitsnews.com/img/v3/
14 KB
14 KB
Image
General
Full URL
https://beforeitsnews.com/img/v3/loading.gif
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
236357
cf-polished
origFmt=gif, origSize=38375
content-disposition
inline; filename="loading.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14030
cf-request-id
072365dae300002b7163ad9000000001
last-modified
Wed, 13 Jun 2018 18:37:21 GMT
server
cloudflare
etag
"5b216461-95e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b772b71-FRA
expires
Sat, 18 Dec 2021 02:38:11 GMT
David-Dees-artwork.png
tntrafficticket.us/wp-content/uploads/2017/05/
1 MB
1 MB
Image
General
Full URL
https://tntrafficticket.us/wp-content/uploads/2017/05/David-Dees-artwork.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.226.130.62 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.130.226.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
eff11b862f4349b2473385aa90d66e0ac6d3be33f4c288a42715e351a6d72186

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
last-modified
Sat, 08 Aug 2020 09:39:22 GMT
server
nginx
etag
"5f2e72ca-11473c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1132348
OIP%20(7)(1).jpg
beforeitsnews.com/contributor/upload/106013/images/
12 KB
12 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/OIP%20(7)(1).jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30bfc868243575bd7a29d4f8d36a453b5570f2e8792f1ba989fee23ee04ab890
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
101420
cf-polished
origSize=13246, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11988
cf-request-id
072365dae400002b71f9985000000001
last-modified
Sat, 19 Dec 2020 16:05:37 GMT
server
cloudflare
etag
"5fde24d1-33be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b7a2b71-FRA
expires
Sun, 19 Dec 2021 16:07:08 GMT
9d63140d-19ed-4a45-a042-a2531d1d2383
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/
240 KB
240 KB
Image
General
Full URL
https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/9d63140d-19ed-4a45-a042-a2531d1d2383
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.16.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2b7929406c9755bddeee14792c5bc628ed511e22c49aa54d43181307ca7bed67

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:30 GMT
Last-Modified
Sat, 19 Dec 2020 15:21:07 GMT
Server
AmazonS3
x-amz-request-id
52FD2B4578E90BF3
ETag
"1a699d9e34654317cdf313f785b272b8"
x-amz-meta-optimized
true
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
245537
x-amz-id-2
W0yvWhThJze+EHjGuhpBuMBrfD/DcGEVcFpRn9wohVV4ZKzD3qZ7usiTAWMJubipqLFHPzHTeVQ=
hqdefault.jpg
img.youtube.com/vi/oqtNkhKGgmo/
24 KB
25 KB
Image
General
Full URL
https://img.youtube.com/vi/oqtNkhKGgmo/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068cfc47e4df1a96edc34feae19e7038274de7b1cafc9f733d72627d22471822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:07 GMT
x-content-type-options
nosniff
server
sffe
age
21
etag
"1608411756"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25080
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:22:07 GMT
Screenshot%202020-12-16%20235527.png
beforeitsnews.com/contributor/upload/713008/images/
109 KB
110 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/713008/images/Screenshot%202020-12-16%20235527.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a30390ed3206a8f05a65b99556f6f732dac17ee26ef5a774f6d10980bd25a985
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
303049
cf-polished
origFmt=png, origSize=199527
content-disposition
inline; filename="Screenshot%202020-12-16%20235527.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111840
cf-request-id
072365dae600002b71f9986000000001
last-modified
Thu, 17 Dec 2020 07:56:02 GMT
server
cloudflare
etag
"5fdb0f12-30b67"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b7c2b71-FRA
expires
Fri, 17 Dec 2021 08:06:39 GMT
hqdefault(287).jpg
beforeitsnews.com/contributor/upload/106013/images/
14 KB
15 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/hqdefault(287).jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
711433
cf-polished
status=not_needed
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14766
cf-request-id
072365dae600002b7115b90000000001
last-modified
Fri, 14 Aug 2020 20:18:17 GMT
server
cloudflare
etag
"5f36f189-39ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b802b71-FRA
expires
Sun, 12 Dec 2021 14:40:15 GMT
heymyTMAqbNI_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/
47 KB
48 KB
Image
General
Full URL
https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/heymyTMAqbNI_640x360.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-185-59-220-193.datapacket.com
Software
BunnyCDN-DE1-601 /
Resource Hash
81ef4e25e521f81d0efd5d1dd5885a1e4e39b1b9974bdc3117d7a9dbc1133e84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid
632
x-amz-request-id
tx0000000000000067c1f67-005fde1b74-43b205e-nyc3a
cdn-cachedat
2020-12-19 16:25:41
cdn-pullzone
89010
content-length
48404
last-modified
Sat, 19 Dec 2020 15:23:51 GMT
server
BunnyCDN-DE1-601
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control
public, max-age=31919000
cdn-requestid
ece76ae0461136ef155aa641f8d645d3
accept-ranges
bytes
cdn-requestcountrycode
DK
hqdefault.jpg
img.youtube.com/vi/DkiQdcP3DOQ/
38 KB
38 KB
Image
General
Full URL
https://img.youtube.com/vi/DkiQdcP3DOQ/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1ad2e69f7c7ccca553946ca3ce67e4249ad4315d7341136f1fdb6559d33e7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 19:31:48 GMT
x-content-type-options
nosniff
server
sffe
age
2740
etag
"1607891060"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39214
x-xss-protection
0
expires
Sun, 20 Dec 2020 21:31:48 GMT
hqdefault.jpg
img.youtube.com/vi/QoBj-RGaZyE/
24 KB
24 KB
Image
General
Full URL
https://img.youtube.com/vi/QoBj-RGaZyE/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35a82ddaf03e843fc4768f9bce9fb256510d791d9dadac092442f284ffb8caf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 19:14:43 GMT
x-content-type-options
nosniff
server
sffe
age
3765
etag
"1608168802"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24989
x-xss-protection
0
expires
Sun, 20 Dec 2020 21:14:43 GMT
Screen%20Shot%202020-12-20%20at%202_39_35%20AM.jpg
beforeitsnews.com/contributor/upload/724569/images/
30 KB
30 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-12-20%20at%202_39_35%20AM.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54585280d1028d7638386af088652705a69740d5a8f296eafc7f98ba8554c3d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
68676
cf-polished
origSize=36025, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30579
cf-request-id
072365dae500002b713a203000000001
last-modified
Sun, 20 Dec 2020 00:43:57 GMT
server
cloudflare
etag
"5fde9e4d-8cb9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b852b71-FRA
expires
Mon, 20 Dec 2021 01:12:52 GMT
maxresdefault.jpg
i.ytimg.com/vi/MAu9QKT_TxI/
229 KB
229 KB
Image
General
Full URL
https://i.ytimg.com/vi/MAu9QKT_TxI/maxresdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670dafc78bf28e92c618b32088cb7398f402bbf4f7135e224532fd391848f5c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:08:35 GMT
x-content-type-options
nosniff
server
sffe
age
533
etag
"1607998992"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234708
x-xss-protection
0
expires
Sun, 20 Dec 2020 22:08:35 GMT
143cMeT0GhjK_640x360.jpg
static-3.bitchute.com/live/cover_images/uvOyUZINubUd/
36 KB
36 KB
Image
General
Full URL
https://static-3.bitchute.com/live/cover_images/uvOyUZINubUd/143cMeT0GhjK_640x360.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-185-59-220-193.datapacket.com
Software
BunnyCDN-DE1-601 /
Resource Hash
787a94617c4a8b88d9f0a92e0eac8fed28c7d35f296028a550725464aee28539
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid
565
x-amz-request-id
tx0000000000000062531dd-005fdd6638-43ba6e0-nyc3a
cdn-cachedat
2020-12-19 03:32:24
cdn-pullzone
89010
content-length
36678
last-modified
Sat, 19 Dec 2020 01:44:11 GMT
server
BunnyCDN-DE1-601
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control
public, max-age=31919000
cdn-requestid
37b250c4efb4eaff53f8335973c03353
accept-ranges
bytes
cdn-requestcountrycode
DK
headsup.jpg
www.dancebase.co.uk/media/
73 KB
73 KB
Image
General
Full URL
https://www.dancebase.co.uk/media/headsup.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.138.111.133 , United Kingdom, ASN35425 (BYTEMARK-AS, GB),
Reverse DNS
lauren-live.default.laurenkyla.uk0.bigv.io
Software
Apache/2.2.22 (Debian) /
Resource Hash
869f59c636c830291e34258562dd42f73c35334e267037c93770001d61f78a49

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:29 GMT
Last-Modified
Mon, 22 Jun 2015 13:04:49 GMT
Server
Apache/2.2.22 (Debian)
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
74894
Expires
Mon, 20 Dec 2021 20:17:29 GMT
pasted_image_0.png
www.rumormillnews.com/pix/
699 KB
699 KB
Image
General
Full URL
http://www.rumormillnews.com/pix/pasted_image_0.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
45.79.195.246 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
fb3510b827835b851396cd05695713efff68826162ca27a73298fb29ee46a1f0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:29 GMT
Last-Modified
Sat, 05 Dec 2020 08:37:38 GMT
Server
Apache/2.4.10 (Debian)
ETag
"aeabb-5b5b381650e3e"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
715451
A_A_A_Twenty.jpg
beforeitsnews.com/contributor/upload/428376/images/
86 KB
87 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/428376/images/A_A_A_Twenty.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2a129f29805ca234b0c8374aec9b74a9795d1a0d1c3335bf42041839e843aa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
272594
cf-polished
origSize=95876, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
88361
cf-request-id
072365dae500002b710eb43000000001
last-modified
Thu, 26 Dec 2019 06:44:30 GMT
server
cloudflare
etag
"5e0456ce-17684"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b862b71-FRA
expires
Fri, 17 Dec 2021 16:34:14 GMT
maxresdefault.jpg
i.ytimg.com/vi/Ju8YFsQlC-8/
139 KB
139 KB
Image
General
Full URL
https://i.ytimg.com/vi/Ju8YFsQlC-8/maxresdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
904df826ac2b2bc80617fe91ac632a4aaea6c2ebccf269bf87f355deb39d870e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:15:16 GMT
x-content-type-options
nosniff
server
sffe
age
132
etag
"1608389487"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141846
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:20:16 GMT
hqdefault.jpg
img.youtube.com/vi/Dgm23U61IVk/
39 KB
39 KB
Image
General
Full URL
https://img.youtube.com/vi/Dgm23U61IVk/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e11856b669d80ade06681b95ec9d41db8534aeeb3ea8065652976e2bc047f2f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:14:08 GMT
x-content-type-options
nosniff
server
sffe
age
200
etag
"1608353125"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39478
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:19:08 GMT
hqdefault.jpg
img.youtube.com/vi/dtsTz_X8gEY/
34 KB
34 KB
Image
General
Full URL
https://img.youtube.com/vi/dtsTz_X8gEY/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6577682a5529ae8edd2fde1f3e5c68ef89277a0f12d47c413d10b7d8052621dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:14:08 GMT
x-content-type-options
nosniff
server
sffe
age
200
etag
"1608324089"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34552
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:19:08 GMT
COVERL1.jpg
beforeitsnews.com/contributor/upload/713008/images/
103 KB
104 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/713008/images/COVERL1.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd54d4a7921368bbd3e05cf10723d022ba0835e9803c58d7f52d5ecf75c27422
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
321599
cf-polished
origSize=121230, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
105731
cf-request-id
072365dae600002b714f387000000001
last-modified
Thu, 26 Nov 2020 01:38:22 GMT
server
cloudflare
etag
"5fbf070e-1d98e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b882b71-FRA
expires
Fri, 17 Dec 2021 02:57:29 GMT
119910218_10217282796251765_3908116604306313738_n.jpg
beforeitsnews.com/contributor/upload/106013/images/
55 KB
55 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/119910218_10217282796251765_3908116604306313738_n.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d20a1591dde0743e137347b77f33c79b3584572ea652a6fc646888126b11279
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
189496
cf-polished
origSize=57056, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55995
cf-request-id
072365dae600002b715d0ff000000001
last-modified
Fri, 18 Dec 2020 15:33:20 GMT
server
cloudflare
etag
"5fdccbc0-dee0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b892b71-FRA
expires
Sat, 18 Dec 2021 15:39:11 GMT
ahHCAP8XUUnb_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/
37 KB
38 KB
Image
General
Full URL
https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ahHCAP8XUUnb_640x360.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-185-59-220-193.datapacket.com
Software
BunnyCDN-DE1-601 /
Resource Hash
3294edd61742f6999c2213e052f5f42b0dd238a09302160e0a46d38eabe0d9a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid
601
x-amz-request-id
tx00000000000000311efc6-005fd664a1-43b55da-nyc3a
cdn-cachedat
2020-12-13 19:59:45
cdn-pullzone
89010
content-length
37957
last-modified
Sun, 13 Dec 2020 18:54:23 GMT
server
BunnyCDN-DE1-601
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control
public, max-age=31919000
cdn-requestid
bac53f0cbb7f804e6e988582d7b0aa60
accept-ranges
bytes
cdn-requestcountrycode
DK
ads.png
beforeitsnews.com/img/v3/
34 B
250 B
Image
General
Full URL
https://beforeitsnews.com/img/v3/ads.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
336373
cf-polished
origFmt=png, origSize=95
content-disposition
inline; filename="ads.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34
cf-request-id
072365dae800002b7125a1c000000001
last-modified
Thu, 30 May 2019 00:55:31 GMT
server
cloudflare
etag
"5cef2a03-5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0b9e2b71-FRA
expires
Thu, 16 Dec 2021 22:51:15 GMT
hqdefault.jpg
i.ytimg.com/vi/CTlpF_kDvH0/
16 KB
16 KB
Image
General
Full URL
https://i.ytimg.com/vi/CTlpF_kDvH0/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a6e86570464befe62f0ad86019c338114068721e30b377cad095eeef4792522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16478
x-xss-protection
0
expires
Sun, 20 Dec 2020 22:17:28 GMT
scientist_reveals_real.jpg
beforeitsnews.com/img/banner2020/
45 KB
45 KB
Image
General
Full URL
https://beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
236209
cf-polished
origFmt=jpeg, origSize=55516
content-disposition
inline; filename="scientist_reveals_real.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46020
cf-request-id
072365daec00002b710731a000000001
last-modified
Sat, 24 Oct 2020 03:28:46 GMT
server
cloudflare
etag
"5f939f6e-d8dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0ba02b71-FRA
expires
Sat, 18 Dec 2021 02:40:39 GMT
hqdefault.jpg
i.ytimg.com/vi/RFzTuaVS8Kk/
11 KB
12 KB
Image
General
Full URL
https://i.ytimg.com/vi/RFzTuaVS8Kk/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83980d2c6be63121ae377e3315c6bdc744309de315d43983dbadf8bd611b4a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11732
x-xss-protection
0
expires
Sun, 20 Dec 2020 22:17:28 GMT
emigrate2.jpeg
beforeitsnews.com/img/banner2020/
55 KB
55 KB
Image
General
Full URL
https://beforeitsnews.com/img/banner2020/emigrate2.jpeg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1334393
cf-polished
origSize=56198, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55905
cf-request-id
072365dae900002b71602f0000000001
last-modified
Tue, 18 Aug 2020 10:27:58 GMT
server
cloudflare
etag
"5f3bad2e-db86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0ba22b71-FRA
expires
Sun, 05 Dec 2021 09:37:34 GMT
polaraidhealth.jpeg
beforeitsnews.com/img/banner2020/
45 KB
46 KB
Image
General
Full URL
https://beforeitsnews.com/img/banner2020/polaraidhealth.jpeg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1175274
cf-polished
origSize=46655, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46365
cf-request-id
072365dae900002b710c394000000001
last-modified
Sat, 22 Aug 2020 10:50:47 GMT
server
cloudflare
etag
"5f40f887-b63f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0ba32b71-FRA
expires
Tue, 07 Dec 2021 05:49:34 GMT
BCX_Rife350x290.jpg
beforeitsnews.com/img/banner2020/
36 KB
36 KB
Image
General
Full URL
https://beforeitsnews.com/img/banner2020/BCX_Rife350x290.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
116207
cf-polished
status=not_needed
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36512
cf-request-id
072365daeb00002b71458ec000000001
last-modified
Wed, 18 Nov 2020 11:58:34 GMT
server
cloudflare
etag
"5fb50c6a-8ea0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0ba42b71-FRA
expires
Sun, 19 Dec 2021 12:00:41 GMT
tabs-bin-rev-20201116.js
beforeitsnews.com/static/js-v3/
148 B
454 B
Script
General
Full URL
https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20201116.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
355289
cf-polished
origSize=189
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365dabf00002b716eb02000000001
last-modified
Sun, 15 Nov 2020 17:33:27 GMT
server
cloudflare
etag
W/"5fb16667-bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c0acadd2b71-FRA
expires
Wed, 23 Dec 2020 17:35:59 GMT
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16055024-1
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9717f3593f6430313f4dea2f062410dfcba266815e06a3526dde931497295f73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38974
x-xss-protection
0
last-modified
Sun, 20 Dec 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 20 Dec 2020 20:17:28 GMT
element.js
translate.google.com/translate_a/
4 KB
2 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
f4916adfebd1959a0ce2e6096d68af2ec3eadf4e7157fb2a5c265c16605e9eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1882
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sharethis.js
platform-api.sharethis.com/js/
100 KB
32 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:7800:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
47f5b2ba7dc4b1d498cf2f83bb1df236323a984a0d58e7a38e19951e39bd176f

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:13:01 GMT
content-encoding
gzip
age
268
etag
W/"191a1-f+Ej8FZ9fSI4UoZYvR0ukXG/9to"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 425ccbcb040dd779e5f3bdc76b6d8ff9.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
cuWn0zx2jJKnYUKEb_RjsISwjJcjHAtzdFVw5dHylz_2p9XK7I4VGQ==
Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js
beforeitsnews.com/cdn-cgi/apps/body/
4 KB
2 KB
Script
General
Full URL
https://beforeitsnews.com/cdn-cgi/apps/body/Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
content-encoding
br
cf-cache-status
HIT
age
4109333
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7D318228C46EEFE0
x-amz-id-2
4/NqYEtT+3aX8zPWmihR6JWXBSi9ALFW50lxCLXE8K3Lt5LCFmIow4hTfZJlo+ZnzUz61Z0RxuY=
last-modified
Fri, 09 Oct 2020 17:38:05 GMT
server
cloudflare
etag
W/"93a3e7d84b15a0c8a8a9e4e6c8779aaa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
3R09nKFA1fkBWMCXCpPvkqre3wT0snqV
cf-request-id
072365daea00002b710eb44000000001
cf-ray
604c0c0b0ba62b71-FRA
top-bg.png
beforeitsnews.com/img/v3/
100 B
301 B
Image
General
Full URL
https://beforeitsnews.com/img/v3/top-bg.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
241436
cf-polished
origFmt=png, origSize=164
content-disposition
inline; filename="top-bg.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100
cf-request-id
072365daea00002b715d100000000001
last-modified
Mon, 18 Jun 2018 21:28:42 GMT
server
cloudflare
etag
"5b28240a-a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0ba92b71-FRA
expires
Sat, 18 Dec 2021 01:13:32 GMT
search.png
beforeitsnews.com/img/b4in/
686 B
927 B
Image
General
Full URL
https://beforeitsnews.com/img/b4in/search.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
236513
cf-polished
origFmt=png, origSize=805
content-disposition
inline; filename="search.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
686
cf-request-id
072365daeb00002b71f4a8d000000001
last-modified
Thu, 13 Apr 2017 09:52:51 GMT
server
cloudflare
etag
"58ef4a73-325"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0b0bac2b71-FRA
expires
Sat, 18 Dec 2021 02:35:35 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v35/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v35/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://beforeitsnews.com
Referer
https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 21:46:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 19:17:42 GMT
server
sffe
age
253880
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13064
x-xss-protection
0
expires
Fri, 17 Dec 2021 21:46:08 GMT
RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
fonts.gstatic.com/s/scada/v9/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://beforeitsnews.com
Referer
https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 13:40:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:15:51 GMT
server
sffe
age
196602
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9028
x-xss-protection
0
expires
Sat, 18 Dec 2021 13:40:46 GMT
truncated
/
803 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
culturebg.jpg
beforeitsnews.com/img/v3/
15 KB
15 KB
Image
General
Full URL
https://beforeitsnews.com/img/v3/culturebg.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:28 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1446281
cf-polished
status=not_needed
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15334
cf-request-id
072365db9900002b71f9999000000001
last-modified
Sat, 09 Feb 2019 15:29:21 GMT
server
cloudflare
etag
"5c5ef1d1-3be6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0c2f462b71-FRA
expires
Sat, 04 Dec 2021 02:32:46 GMT
incr_views.php
beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/
8 B
309 B
XHR
General
Full URL
https://beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/incr_views.php?id=23&_=1608495448990
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6c9cba488a916983d814fde518217ea8b6ed7d286f6c48d262108e72f814f3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://beforeitsnews.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
604c0c0c3f6d2b71-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8
cf-request-id
072365dba100002b7132bd4000000001
beforeitsnews.com.351459.js
jsc.mgid.com/b/e/ Frame 2151
207 KB
55 KB
Script
General
Full URL
https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911a95b5ebc85069d70b49165bbb081f87277d48f598648e9f3f57a576ce0d59

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
content-encoding
br
cf-cache-status
HIT
age
1844
cf-polished
origSize=211914
last-modified
Mon, 23 Nov 2020 10:21:37 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
26A72D5D883119F0
x-amz-id-2
Ep+G87hE/Wfn6Y/LZS6YJ6MyA8Ly5TWcq5bqX9AdLUarxCQSzUbbaoyzYN4R1v2W5FdW7iMG/7Q=
cf-bgj
minify
server
cloudflare
etag
W/"2d31eaa26b18d508e3d54de779ffb8ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
072365dc81000010ef832d6000000001
cf-ray
604c0c0d9ba810ef-CPH
expires
Sun, 20 Dec 2020 23:17:29 GMT
BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/
42 KB
42 KB
Image
General
Full URL
https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1183999
cf-polished
status=not_needed
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43060
cf-request-id
072365dba900002b71221a4000000001
last-modified
Thu, 28 May 2020 11:32:46 GMT
server
cloudflare
etag
"5ecfa15e-a834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
private, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0c4fa12b71-FRA
expires
Tue, 07 Dec 2021 03:24:10 GMT
beforeitsnews.com.720412.js
jsc.mgid.com/b/e/ Frame 263C
208 KB
55 KB
Script
General
Full URL
https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020112020
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed0549c6c4d11bd4fa70f8bfc652dda717a3c172d5feb72b25c96d1e350832e9

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
content-encoding
br
cf-cache-status
HIT
age
3749
cf-polished
origSize=213308
last-modified
Mon, 23 Nov 2020 10:26:46 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
98C45BCDFBFA7EB8
x-amz-id-2
HDa7kviJxmLtd/IFJ9Hk5km735D9Xuz5hnA9f5vR+W24wTNNFCxRGYjZJtXoeE+a1w4sFLgV29c=
cf-bgj
minify
server
cloudflare
etag
W/"2c3f279cf444a835c134f775f7695332"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
072365dc9b000010ef772ee000000001
cf-ray
604c0c0dcc4010ef-CPH
expires
Sun, 20 Dec 2020 23:17:29 GMT
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 19:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1341
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 20 Dec 2020 20:55:08 GMT
main.js
translate.googleapis.com/translate_static/js/element/
4 KB
2 KB
Script
General
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2029
x-xss-protection
0
last-modified
Thu, 03 Dec 2020 22:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 20 Dec 2020 21:13:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
133 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47107
x-xss-protection
0
server
cafe
etag
13290078405355148527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 20 Dec 2020 20:17:29 GMT
advertising.js
rddywd.com/
9 B
635 B
Script
General
Full URL
https://rddywd.com/advertising.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:80dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
70902
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nzh%2B7EWV2bkoEnKKlB3bJTQEkboKKWHLnha5sBElsnNPL4SOyQbLziAlahj2fTtHqxhM6VQUxq%2BEupwZpGG%2BWL7CYNQMxj%2FOCJYg3f4cuRoOlzEZI4j7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
604c0c0e498a1f35-FRA
content-length
9
cf-request-id
072365dcee00001f350da9a000000001
adcode.png
rddywd.com/
43 B
683 B
Image
General
Full URL
https://rddywd.com/adcode.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:80dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
63149
content-length
43
cf-request-id
072365dcee00002c423621b000000001
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KO%2BKZ2Y679F43rTpS1GrzoZqQXaqFaM7PjHwYwFyMkDmwhOD7Tmw2uQinhJTbVQWoLlN%2BBOVvfP0zTDkmZv2QbMfSVBa5jJLCT1t9y5ZUlnPCOPOuFY7"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
604c0c0e4a5f2c42-FRA
generate_204
www.googleapis.com/
0
182 B
Image
General
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
logo-bottom.jpg
beforeitsnews.com/img/v3/
2 KB
2 KB
Image
General
Full URL
https://beforeitsnews.com/img/v3/logo-bottom.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
236192
cf-polished
origFmt=jpeg, origSize=2574
content-disposition
inline; filename="logo-bottom.webp"
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2250
cf-request-id
072365dc0100002b71011d3000000001
last-modified
Wed, 06 Jun 2018 18:26:21 GMT
server
cloudflare
etag
"5b18274d-a0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c0cc9522b71-FRA
expires
Sat, 18 Dec 2021 02:40:57 GMT
count.php
beforeitsnews.com/core/ajax/counter/
15 B
98 B
XHR
General
Full URL
https://beforeitsnews.com/core/ajax/counter/count.php
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52bcbc75a56327b3391fb00b5a2769614044e06ea3628c651586b2159652cdc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://beforeitsnews.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
604c0c0d1a302b71-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
cf-request-id
072365dc2e00002b7132be5000000001
5f2c559be7229f0012f31c92.js
buttons-config.sharethis.com/js/
1 KB
871 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/5f2c559be7229f0012f31c92.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:17 GMT
content-encoding
gzip
etag
"321dc6041bb0ea183e662f402b588149"
last-modified
Thu, 06 Aug 2020 20:50:47 GMT
server
AmazonS3
age
19
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 b61409af370dbf025ffc910b1252c65f.cloudfront.net (CloudFront)
cache-control
public, max-age=60
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
oNnPLjIVfIMzyeRBo8fANW0Bh2GoQhPCEGp2GmBFH___I2hEriqq8A==
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
756
date
Sun, 20 Dec 2020 20:04:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 20 Dec 2020 22:04:53 GMT
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 12D5
0
0
Document
General
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:1e00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://beforeitsnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
cache-control
max-age=3600, public
date
Sun, 20 Dec 2020 19:51:44 GMT
etag
W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
TYo0Fz3xAHRfQRAHJIxAezStbobMpjMAmNPgIYOf1mRhE22SB-v3Lg==
age
1545
element_main.js
translate.googleapis.com/element/TE_20201130_00/e/js/element/
243 KB
87 KB
Script
General
Full URL
https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 14:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19317
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88693
x-xss-protection
0
last-modified
Mon, 30 Nov 2020 10:52:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Dec 2021 14:55:32 GMT
pview
l.sharethis.com/
0
339 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=beforeitsnews.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fbeforeitsnews.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&cms=unknown&publisher=5f2c559be7229f0012f31c92&sop=true&bsamesite=true&consent_cookie_duration=88&consent_duration=88&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Before%20It%27s%20News%C2%AE%20is%20a%20community%20of%20individuals%20who%20report%20on%20what%27s%20going%20on%20around%20them%2C%20from%20all%20around%20the%20world.%20You%20can%20join%20to%20Contribute%20News%20and%20Comments.
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.149.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-149-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:29 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://beforeitsnews.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 09:04:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
40393
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Mon, 20 Dec 2021 09:04:16 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ Frame 92E7
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 19:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1341
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 20 Dec 2020 20:55:08 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 09:55:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
37300
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Mon, 20 Dec 2021 09:55:49 GMT
cleardot.gif
www.google.com/images/
43 B
111 B
Image
General
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ByMGID.svg
cdn.mgid.com/images/logos/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
content-encoding
br
cf-cache-status
HIT
age
2546
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EDD0957952C83C96
x-amz-id-2
5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified
Thu, 07 May 2020 09:36:25 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag
W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
072365dd5a000010efa7334000000001
cf-ray
604c0c0efe6510ef-CPH
truncated
/
138 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/j/
2 B
67 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=614985141&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=837464151&gjid=1200828581&cid=1311208604.1608495449&tid=UA-16055024-1&_gid=810859892.1608495449&_r=1&gtm=2oubu0&z=168919271
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://beforeitsnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
138 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 00:21:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:08:16 GMT
server
sffe
age
158164
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16224
x-xss-protection
0
expires
Sun, 19 Dec 2021 00:21:25 GMT
1
servicer.mgid.com/351459/
3 KB
2 KB
Script
General
Full URL
https://servicer.mgid.com/351459/1?w=0&h=-1&wrongImageSize=1&cols=4&pv=5&cbuster=1608495449575830253233&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=17681ccc5e7901dbff0&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021deaf90ebdbb1fb73e91354e4f5727bf014b87efc23f2f4005f8dc08ca0949

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
604c0c0ff8dd10ef-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365ddfd000010ef94978000000001
l
translate.googleapis.com/translate_a/ Frame 5ACB
3 KB
1 KB
Script
General
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m5kDfimMf9u70JgXRsc6og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-m5kDfimMf9u70JgXRsc6og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Sun, 20 Dec 2020 20:17:29 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
89 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-16055024-1&cid=1311208604.1608495449&jid=837464151&gjid=1200828581&_gid=810859892.1608495449&_u=IEBAAUAAAAAAAC~&z=1555240277
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 20 Dec 2020 20:17:29 GMT
content-type
text/plain
access-control-allow-origin
https://beforeitsnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
88 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=1311208604.1608495449&jid=837464151&_u=IEBAAUAAAAAAAC~&z=607583870
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=1311208604.1608495449&jid=837464151&_u=IEBAAUAAAAAAAC~&z=607583870
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
servicer.mgid.com/720412/
1 KB
903 B
Script
General
Full URL
https://servicer.mgid.com/720412/1?w=370&h=334&cols=1&pv=5&cbuster=1608495449614173961433&uniqId=0ee1c&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=17681ccc60eb6be35b2&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020112020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91deab5909098b75940723c849ddf4e06246f29be63c12862b741e23fa82470b

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
604c0c10397d10ef-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365de23000010efd2a67000000001
te_ctrl3.gif
translate.googleapis.com/translate_static/img/
1 KB
1 KB
Image
General
Full URL
https://translate.googleapis.com/translate_static/img/te_ctrl3.gif
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 20:35:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
258098
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1412
x-xss-protection
0
expires
Fri, 17 Dec 2021 20:35:51 GMT
i.js
cm.mgid.com/
1 KB
692 B
Script
General
Full URL
https://cm.mgid.com/i.js?&cbuster=1608495449675747419260
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea54ee23191f7f09b213ea87e149b4c52082f0f68dafe5a48f200a829f55da48

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
2771ac40-bc9b-408f-8e9d-da6eb97820b1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
604c0c109aaf10ef-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365de62000010efd90a3000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame EE26
19 B
413 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1608495449679335494839
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
c78712d5-7ad1-462d-9f40-c3752d25fbe5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
604c0c109aaa10ef-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365de62000010ef7731b000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp
s-img.mgid.com/g/3805560/492x277/0x0x492x328/
6 KB
6 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805560/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp?v=1608495449-C1wu1QH3zRpRz06IOkVrm8gxXyiYM1ivsp-QAxJroZw
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
864af76ad523736a2f3966f74b8a53e43375d6112bc7a2594d505a2346ae8bf5

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
8e05d5a4-a23b-4ef8-84cf-f0b9d152c7ab
age
4286041
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6402
cf-request-id
072365de63000010ef8fb92000000001
last-modified
Mon, 05 Oct 2020 11:36:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c109ab610ef-CPH
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc.webp
s-img.mgid.com/g/4147885/492x277/61x13x950x633/
10 KB
10 KB
Image
General
Full URL
https://s-img.mgid.com/g/4147885/492x277/61x13x950x633/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc.webp?v=1608495449-bNKFoJXVgt2SSdGJU33CGiYooIk430RCLF1MnGlNCTU
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7cddb2ec0a1c841d8e1fa306ba61194864db42ac45b53ce2728e16136c40c

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
606e6d5b-25cb-45c3-869f-2524b8f54f41
age
1146108
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9798
cf-request-id
072365de62000010ef7a0f5000000001
last-modified
Mon, 05 Oct 2020 11:52:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c109ab210ef-CPH
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/
19 KB
19 KB
Image
General
Full URL
https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1608495449-R_7tn78pfPE1SLaq-RpClluvKFlXg7O2Tf7nc7OltrU
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80051a222c17f6e0ef65e14e863278c0b1167c03e3715e81c67385600aa83b4

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
f12743ae-0a69-4056-b61a-a30469a21e9d
age
4292688
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18988
cf-request-id
072365de63000010ef8d8e4000000001
last-modified
Mon, 05 Oct 2020 11:13:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c109ab410ef-CPH
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp
s-img.mgid.com/g/3805603/492x277/0x63x1000x666/
6 KB
6 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805603/492x277/0x63x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp?v=1608495449--8iDOoHI-qP7PX-fT4fm03iiUcnZvm4Q1n0IYKZpSKk
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914aaf00570039622940a10c515c390e0bdb29e14a4cb1e3c3598cca05e8ead2

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
a611e3bf-31c0-4923-9291-0c8c4ff43fef
age
1079079
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6138
cf-request-id
072365de75000010ef83302000000001
last-modified
Mon, 05 Oct 2020 11:40:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c10bafc10ef-CPH
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp
s-img.mgid.com/g/3805560/492x277/0x0x492x328/ Frame 2151
6 KB
6 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805560/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp?v=1608495449-C1wu1QH3zRpRz06IOkVrm8gxXyiYM1ivsp-QAxJroZw
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
864af76ad523736a2f3966f74b8a53e43375d6112bc7a2594d505a2346ae8bf5

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
8e05d5a4-a23b-4ef8-84cf-f0b9d152c7ab
age
4286041
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6402
cf-request-id
072365de94000010ef9ca8a000000001
last-modified
Mon, 05 Oct 2020 11:36:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c10eb5f10ef-CPH
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc.webp
s-img.mgid.com/g/4147885/492x277/61x13x950x633/ Frame 2151
10 KB
10 KB
Image
General
Full URL
https://s-img.mgid.com/g/4147885/492x277/61x13x950x633/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc.webp?v=1608495449-bNKFoJXVgt2SSdGJU33CGiYooIk430RCLF1MnGlNCTU
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7cddb2ec0a1c841d8e1fa306ba61194864db42ac45b53ce2728e16136c40c

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
606e6d5b-25cb-45c3-869f-2524b8f54f41
age
1146108
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9798
cf-request-id
072365de92000010efbc949000000001
last-modified
Mon, 05 Oct 2020 11:52:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c10eb6c10ef-CPH
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/ Frame 2151
19 KB
19 KB
Image
General
Full URL
https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1608495449-R_7tn78pfPE1SLaq-RpClluvKFlXg7O2Tf7nc7OltrU
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80051a222c17f6e0ef65e14e863278c0b1167c03e3715e81c67385600aa83b4

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
f12743ae-0a69-4056-b61a-a30469a21e9d
age
4292688
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18988
cf-request-id
072365de95000010efd7242000000001
last-modified
Mon, 05 Oct 2020 11:13:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c10eb7710ef-CPH
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp
s-img.mgid.com/g/3805603/492x277/0x63x1000x666/ Frame 2151
6 KB
6 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805603/492x277/0x63x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp?v=1608495449--8iDOoHI-qP7PX-fT4fm03iiUcnZvm4Q1n0IYKZpSKk
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914aaf00570039622940a10c515c390e0bdb29e14a4cb1e3c3598cca05e8ead2

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
a611e3bf-31c0-4923-9291-0c8c4ff43fef
age
1079079
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6138
cf-request-id
072365dea4000010ef9a9bb000000001
last-modified
Mon, 05 Oct 2020 11:40:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c110ba110ef-CPH
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc0N2I5NzIwODM2MDNhNThiMmUzZDE1NDQ4MTgxMWJmLmpwZWc.webp
s-img.mgid.com/g/4723159/492x328/0x0x607x404/
9 KB
10 KB
Image
General
Full URL
https://s-img.mgid.com/g/4723159/492x328/0x0x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc0N2I5NzIwODM2MDNhNThiMmUzZDE1NDQ4MTgxMWJmLmpwZWc.webp?v=1608495449-apzYgwVnFgEurwUE8r6Ri43herTf3IMnpuWctvtJT0o
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6e1b8131c07cdfaed4ee217aa32ca0e0b991a22132380f547f00af45cf49d1

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
9a1dd248-7065-47a9-ab34-3bef7f48e18b
age
4297786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9580
cf-request-id
072365deb3000010ef82172000000001
last-modified
Mon, 05 Oct 2020 11:24:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c111bca10ef-CPH
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc0N2I5NzIwODM2MDNhNThiMmUzZDE1NDQ4MTgxMWJmLmpwZWc.webp
s-img.mgid.com/g/4723159/492x328/0x0x607x404/ Frame 263C
9 KB
9 KB
Image
General
Full URL
https://s-img.mgid.com/g/4723159/492x328/0x0x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc0N2I5NzIwODM2MDNhNThiMmUzZDE1NDQ4MTgxMWJmLmpwZWc.webp?v=1608495449-apzYgwVnFgEurwUE8r6Ri43herTf3IMnpuWctvtJT0o
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6e1b8131c07cdfaed4ee217aa32ca0e0b991a22132380f547f00af45cf49d1

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
HIT
x-mg-request-uuid
9a1dd248-7065-47a9-ab34-3bef7f48e18b
age
4297786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9580
cf-request-id
072365ded8000010ef82175000000001
last-modified
Mon, 05 Oct 2020 11:24:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
604c0c115c4e10ef-CPH
usync.html
eus.rubiconproject.com/ Frame 8F55
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1608495449675747419260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://beforeitsnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sun, 20 Dec 2020 20:17:30 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Sun, 20 Dec 2020 20:17:29 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
cm.idealmedia.io/setmuidn/
0
556 B
Image
General
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=kbktFOv09dhc
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
604c0c11c9a410b9-CPH
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
072365df1b000010b9d812b000000001
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2JrdEZPdjA5ZGhj&muidn=kbktFOv09dhc
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2JrdEZPdjA5ZGhj&muidn=kbktFOv09dhc&google_tc=
  • https://cm.mgid.com/google?muidn=kbktFOv09dhc&google_ula={guid},5&google_gid=CAESENBIqfESI-CyAjdQJZAAjyE&google_cver=1
0
212 B
Image
General
Full URL
https://cm.mgid.com/google?muidn=kbktFOv09dhc&google_ula={guid},5&google_gid=CAESENBIqfESI-CyAjdQJZAAjyE&google_cver=1
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
604c0c122de410ef-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365df5d000010ef91931000000001

Redirect headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=kbktFOv09dhc&google_ula={guid},5&google_gid=CAESENBIqfESI-CyAjdQJZAAjyE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=R1e34WdPwk0rNf2RXiwI&pi=mgid&tc=1
43 B
361 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=501037&c=R1e34WdPwk0rNf2RXiwI&pi=mgid&tc=1
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:30 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
002c63b5-197a-45e5-9707-9d50de153a5b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
604c0c12bee410ef-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365dfaf000010ef9499b000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=R1e34WdPwk0rNf2RXiwI&pi=mgid&tc=1
pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT, Sun, 20 Dec 2020 20:17:29 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=e31SSwxW4XX.AikABlF2gczIKg&expires=30&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6&gdpr=&gdpr_consent=&us_privacy=
43 B
243 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=433145&c=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:30 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
17e6362a-00d6-4972-804d-093e4fa4899c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
604c0c14cb9f10ef-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365e0fb000010ef7c19f000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 20 Dec 2020 20:17:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=kbktFOv09dhc
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kbktFOv09dhc
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6
49 B
532 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Dec 2020 20:17:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6
date
Sun, 20 Dec 2020 20:17:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.lentainform.com/setmuidn/
0
622 B
Image
General
Full URL
https://cm.lentainform.com/setmuidn/?muidf=kbktFOv09dhc
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
604c0c11c97c1d22-CPH
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365df1d00001d22f7355000000001
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=f4d65c47-c738-4e1a-955a-38ca3da5b4ac&ttl=1611087450
43 B
227 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=371158&c=f4d65c47-c738-4e1a-955a-38ca3da5b4ac&ttl=1611087450
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:30 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
6ffcf660-aa63-45c5-8efa-d104e198c075
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
604c0c132fb110ef-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365dff8000010efc2119000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Sun, 20 Dec 2020 20:17:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=f4d65c47-c738-4e1a-955a-38ca3da5b4ac&ttl=1611087450
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
jsDynamic-bin-rev-20201111.js
beforeitsnews.com/static/js-v3/
8 KB
2 KB
Script
General
Full URL
https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
616f3c5387758aff936d47c41a8ef8cc07b400b64b3d3e5d07634b2e31de4773
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
771962
cf-polished
origSize=7865
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365e63000002b71fe0a5000000001
last-modified
Sun, 15 Nov 2020 17:33:25 GMT
server
cloudflare
etag
W/"5fb16665-1eb9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c1d1df82b71-FRA
expires
Fri, 18 Dec 2020 21:51:29 GMT
responsive-bin-rev-20201111.js
beforeitsnews.com/static/js-v3/
2 KB
785 B
Script
General
Full URL
https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20201111.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
771962
cf-polished
origSize=1728
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365e62f00002b7148010000000001
last-modified
Sun, 15 Nov 2020 17:33:26 GMT
server
cloudflare
etag
W/"5fb16666-6c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c1d1e002b71-FRA
expires
Fri, 18 Dec 2020 21:51:29 GMT
validate-bin-rev-20201111.js
beforeitsnews.com/static/js-v3/
6 KB
2 KB
Script
General
Full URL
https://beforeitsnews.com/static/js-v3/validate-bin-rev-20201111.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
771962
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365e63000002b7106be7000000001
last-modified
Sun, 15 Nov 2020 17:33:27 GMT
server
cloudflare
etag
W/"5fb16667-1849"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c1d1e032b71-FRA
expires
Fri, 18 Dec 2020 21:51:29 GMT
loadmore-bin-rev-20201111.js
beforeitsnews.com/static/js-v3/
14 KB
2 KB
Script
General
Full URL
https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20201111.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
771962
cf-polished
origSize=14745
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365e63000002b715d22d000000001
last-modified
Sun, 15 Nov 2020 17:33:26 GMT
server
cloudflare
etag
W/"5fb16666-3999"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
cf-ray
604c0c1d1e062b71-FRA
expires
Fri, 18 Dec 2020 21:51:29 GMT
serve.js.php
trends.revcontent.com/
4 KB
1 KB
Script
General
Full URL
https://trends.revcontent.com/serve.js.php?w=111268&t=rc_790&c=1608495452086&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
4b8d83e7decc8feec96194f003cd69da6f694aefcf0eed0b01522d46dcb89099
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://beforeitsnews.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
1247
serve.js.php
trends.revcontent.com/
4 KB
1 KB
Script
General
Full URL
https://trends.revcontent.com/serve.js.php?w=100246&t=rc_330&c=1608495452087&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
10d64deb33acf97c1cbe01c76e6f4cdc68b74314857d16cd14e48efc07ba1c68
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://beforeitsnews.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
1245
ajs.js
cdn2.lockerdomecdn.com/_js/
5 KB
3 KB
Script
General
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
content-encoding
gzip
last-modified
Sat, 19 Dec 2020 21:07:29 GMT
server
nginx
etag
"5364-1608412049882"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
2348
get_banners_direct.php
beforeitsnews.com/core/ajax/contributor/v3_banners/
1 KB
531 B
XHR
General
Full URL
https://beforeitsnews.com/core/ajax/contributor/v3_banners/get_banners_direct.php
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab3d4e67f3f1725b7cd2d196dc1c9d4a87ef8b2f7c42884878e66f549426df3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://beforeitsnews.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
server
cloudflare
date
Sun, 20 Dec 2020 20:17:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cf-ray
604c0c1fad082b71-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365e7c700002b711833b000000001
showing.php
beforeitsnews.com/core/ajax/contributor/v3_live_stream/
792 B
442 B
XHR
General
Full URL
https://beforeitsnews.com/core/ajax/contributor/v3_live_stream/showing.php?_=1608495452101
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb0649166a5575c83f03ea06978efc661b48b66a9706c10be152939253cfdbd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://beforeitsnews.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
server
cloudflare
date
Sun, 20 Dec 2020 20:17:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cf-ray
604c0c1fad0c2b71-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365e7c700002b710c110000000001
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2936
etag
W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
cf-ray
604c0c1fc85f6395-FRA
cf-request-id
072365e7df00006395efa26000000001
expires
Mon, 21 Dec 2020 08:17:32 GMT
get_items_to_show.php
beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/
57 KB
3 KB
XHR
General
Full URL
https://beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1608495452102
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d6a0749dbb73160c55a10dc21e19938801bf0de055951aced9ef81e0be74fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://beforeitsnews.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
server
cloudflare
date
Sun, 20 Dec 2020 20:17:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cf-ray
604c0c1fad112b71-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365e7c800002b71f9aea000000001
get-most-recent-stories-list.php
beforeitsnews.com/v3/recent/
15 KB
3 KB
XHR
General
Full URL
https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1608495452102
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba3b956d2451a7dbd3bcb576840e205a226067da7bd7b6c709fa07137d9bced
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://beforeitsnews.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
server
cloudflare
date
Sun, 20 Dec 2020 20:17:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cf-ray
604c0c1fad142b71-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
072365e7c800002b711b2fe000000001
10864438442185062
lockerdome.com/lad/ Frame AD55
0
0
Document
General
Full URL
https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Host
lockerdome.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://beforeitsnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Sun, 20 Dec 2020 20:17:32 GMT
10864440455450982
lockerdome.com/lad/ Frame 83F7
0
0
Document
General
Full URL
https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Host
lockerdome.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://beforeitsnews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Sun, 20 Dec 2020 20:17:32 GMT
serve.js.php
trends.revcontent.com/
60 KB
60 KB
XHR
General
Full URL
https://trends.revcontent.com/serve.js.php?w=111268&t=rc_790&c=1608495452086&width=1600&site_url=https%3A%2F%2Fbeforeitsnews.com%2F&referer=&skip_iab=true
Requested by
Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=111268&t=rc_790&c=1608495452086&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
b989b0a6c065a5c25053eec3f2528cd8dab878f8110b0b2183fc459caee6336e
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://beforeitsnews.com
date
Sun, 20 Dec 2020 20:17:32 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/javascript; charset=utf-8
serve.js.php
trends.revcontent.com/
76 KB
76 KB
XHR
General
Full URL
https://trends.revcontent.com/serve.js.php?w=100246&t=rc_330&c=1608495452087&width=1600&site_url=https%3A%2F%2Fbeforeitsnews.com%2F&referer=&skip_iab=true
Requested by
Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=100246&t=rc_330&c=1608495452087&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
95bb6c27d9aa0cf2a04f1cef53d7e76848cbf984eb51802b7280809c420ffb53
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://beforeitsnews.com
date
Sun, 20 Dec 2020 20:17:32 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/javascript; charset=utf-8
hdSplGl0fj4
www.youtube.com/embed/ Frame EA1A
0
0
Document
General
Full URL
https://www.youtube.com/embed/hdSplGl0fj4?rel=0&autoplay=0&mute=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/hdSplGl0fj4?rel=0&autoplay=0&mute=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://beforeitsnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-length
21031
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
content-type
text/html; charset=utf-8
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security
max-age=31536000
date
Sun, 20 Dec 2020 20:17:33 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=pJpz6c5Kz0o; path=/; domain=.youtube.com; secure; expires=Fri, 18-Jun-2021 20:17:32 GMT; httponly; samesite=None YSC=2qisK2eEDeI; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 20-Dec-2020 20:47:32 GMT VISITOR_INFO1_LIVE=pJpz6c5Kz0o; path=/; domain=.youtube.com; secure; expires=Fri, 18-Jun-2021 20:17:32 GMT; httponly; samesite=None
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
YHaSsqT6kf0
www.youtube.com/embed/ Frame BBD3
0
0
Document
General
Full URL
https://www.youtube.com/embed/YHaSsqT6kf0?rel=0&autoplay=0&mute=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/YHaSsqT6kf0?rel=0&autoplay=0&mute=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://beforeitsnews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
br
content-length
21997
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
expires
Tue, 27 Apr 1971 19:44:06 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Sun, 20 Dec 2020 20:17:32 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=eBgrhlcSCFo; path=/; domain=.youtube.com; secure; expires=Fri, 18-Jun-2021 20:17:32 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=eBgrhlcSCFo; path=/; domain=.youtube.com; secure; expires=Fri, 18-Jun-2021 20:17:32 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 20-Dec-2020 20:47:32 GMT YSC=x-0pYyoJMtc; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
88de2a6c6c0c0a17ee4513338f8ce27e7b3004b7.jpeg
beforeitsnews.com/img/i2020/12/
18 KB
18 KB
Image
General
Full URL
https://beforeitsnews.com/img/i2020/12/88de2a6c6c0c0a17ee4513338f8ce27e7b3004b7.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87f59e3c5be59bfece610b46176dd43b441660a01d5225f98e94c287b30e39c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1696199
cf-polished
origSize=19907, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18455
cf-request-id
072365ea2a00002b71023fa000000001
last-modified
Thu, 05 Nov 2020 07:35:45 GMT
server
cloudflare
etag
"5fa3ab51-4dc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c237f0d2b71-FRA
expires
Wed, 01 Dec 2021 05:07:33 GMT
454bd7e1.jpg
herbanomics.postaffiliatepro.com/accounts/default1/g75hwob/
1 MB
1 MB
Image
General
Full URL
https://herbanomics.postaffiliatepro.com/accounts/default1/g75hwob/454bd7e1.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.33.2.97 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li956-97.members.linode.com
Software
nginx /
Resource Hash
a855d275afd3638c7d7d62e6b27285a2534fc64d07529fc20e4ff4ca15fba21b

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:33 GMT
via
1.1 varnish (1.lb-app.pap.linode-us-tx)
x-srv
2
age
5
vary
Accept-Encoding
x-varnish
231899550 227066807
cache-control
max-age=15, public
accept-ranges
bytes
content-type
image/jpeg
content-length
1141682
server
nginx
expires
Sun, 20 Dec 2020 20:17:42 GMT
hqdefault.jpg
img.youtube.com/vi/oqtNkhKGgmo/
24 KB
25 KB
Image
General
Full URL
https://img.youtube.com/vi/oqtNkhKGgmo/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068cfc47e4df1a96edc34feae19e7038274de7b1cafc9f733d72627d22471822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:07 GMT
x-content-type-options
nosniff
server
sffe
age
25
etag
"1608411756"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25080
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:22:07 GMT
hqdefault(287).jpg
beforeitsnews.com/contributor/upload/106013/images/
14 KB
15 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/hqdefault(287).jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
711437
cf-polished
status=not_needed
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14766
cf-request-id
072365ea3e00002b7122345000000001
last-modified
Fri, 14 Aug 2020 20:18:17 GMT
server
cloudflare
etag
"5f36f189-39ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c239f602b71-FRA
expires
Sun, 12 Dec 2021 14:40:15 GMT
Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg
beforeitsnews.com/contributor/upload/724569/images/
Redirect Chain
  • http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg
  • https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg
33 KB
34 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a4acaab8f3d266a9544ed317d780e3c5f4567692806f0450ea30ca8a17862e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
310838
cf-polished
origSize=38657, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34084
cf-request-id
072365ea4900002b71f9b31000000001
last-modified
Mon, 23 Nov 2020 19:17:18 GMT
server
cloudflare
etag
"5fbc0abe-9701"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c23afab2b71-FRA
expires
Fri, 17 Dec 2021 05:56:54 GMT

Redirect headers

Location
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg
Non-Authoritative-Reason
HSTS
iu-2%20(32).jpg
beforeitsnews.com/contributor/upload/724569/images/
Redirect Chain
  • http://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg
  • https://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg
14 KB
14 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e2207c38919b05b8578851d7ff15fc178de9efcda7f94950c70610c8d06c4b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
382
cf-polished
origSize=18819, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14128
cf-request-id
072365ea4900002b71600b7000000001
last-modified
Wed, 14 Oct 2020 18:52:23 GMT
server
cloudflare
etag
"5f8748e7-4983"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c23afaf2b71-FRA
expires
Mon, 20 Dec 2021 20:11:10 GMT

Redirect headers

Location
https://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg
Non-Authoritative-Reason
HSTS
DarnoldGame2.jpg
www.jetnation.com/wp-content/uploads/2020/12/
44 KB
45 KB
Image
General
Full URL
https://www.jetnation.com/wp-content/uploads/2020/12/DarnoldGame2.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.13.239.203 , United States, ASN55106 (DATACATE-AS1, US),
Reverse DNS
Software
nginx /
Resource Hash
b22fc6d703979388d59088e1c24a7ca8e3047e75191119a95f7598a73abe072d

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:33 GMT
last-modified
Sun, 20 Dec 2020 19:39:45 GMT
server
nginx
accept-ranges
bytes
etag
"5fdfa881-b186"
content-length
45446
content-type
image/jpeg
2020-12-17T105055Z_1_LYNXMPEGBG0SN_RTROPTP_4_USA-BIDEN-700x420.jpg
img.theepochtimes.com/assets/uploads/2020/12/18/
37 KB
37 KB
Image
General
Full URL
https://img.theepochtimes.com/assets/uploads/2020/12/18/2020-12-17T105055Z_1_LYNXMPEGBG0SN_RTROPTP_4_USA-BIDEN-700x420.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5cadb2efa411cb626f434491a682fc63a4ff7a8f621521bd0531494e76eed873

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
last-modified
Fri, 18 Dec 2020 13:29:25 GMT
server
nginx
etag
"5fdcaeb5-9420"
x-hw
1608495452.cds067.sk1.hn,1608495452.cds045.sk1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
37920
1f642.png
s.w.org/images/core/emoji/13.0.0/72x72/
620 B
814 B
Image
General
Full URL
https://s.w.org/images/core/emoji/13.0.0/72x72/1f642.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
c7a2c052f383509ac9ec9da7f34cccc4c1d35040799426588c54a0d83cd9628f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sun, 20 Dec 2020 20:17:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Jun 2020 17:45:45 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
620
expires
Thu, 31 Dec 2037 23:55:55 GMT
hqdefault.jpg
img.youtube.com/vi/2020/09/22/banks-aml-efficiency-the-fincen-files-horror-story-and-what-we-can-learn-for-crypto//
1 KB
1 KB
Image
General
Full URL
https://img.youtube.com/vi/2020/09/22/banks-aml-efficiency-the-fincen-files-horror-story-and-what-we-can-learn-for-crypto//hqdefault.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:17 GMT
x-content-type-options
nosniff
server
sffe
age
15
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=30
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1097
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:17:47 GMT
Amerigeddon-Movie.jpg
beforeitsnews.com/contributor/upload/748669/images/
Redirect Chain
  • http://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg
  • https://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg
51 KB
51 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6566bdeb0f8c591832702768ab4ad31fc960f2f0a9b9dbb76cb94e411156fdb9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
75576
cf-polished
origSize=56353, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51891
cf-request-id
072365ea4b00002b71351e5000000001
last-modified
Thu, 17 Dec 2020 13:12:08 GMT
server
cloudflare
etag
"5fdb5928-dc21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c23afb02b71-FRA
expires
Sun, 19 Dec 2021 23:17:56 GMT

Redirect headers

Location
https://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg
Non-Authoritative-Reason
HSTS
Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg
beforeitsnews.com/contributor/upload/724569/images/
Redirect Chain
  • http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg
  • https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg
29 KB
29 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7183658fcfd17c30c370bc1cc7a8ca0cf708e79883f06273b10a4c266ebb66df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
321817
cf-polished
origSize=34455, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29563
cf-request-id
072365ea4900002b71023fd000000001
last-modified
Tue, 08 Sep 2020 18:24:14 GMT
server
cloudflare
etag
"5f57cc4e-8697"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c23afb12b71-FRA
expires
Fri, 17 Dec 2021 02:53:55 GMT

Redirect headers

Location
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg
Non-Authoritative-Reason
HSTS
bc9f55ce-6515-4bff-ab01-9ad778b3ff9d.jpg
media.townhall.com/townhall/reu/ha/2017/6/
62 KB
62 KB
Image
General
Full URL
https://media.townhall.com/townhall/reu/ha/2017/6/bc9f55ce-6515-4bff-ab01-9ad778b3ff9d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
f1757be70e528aef621f4ab0c6a59588aafbc48452270d3b62847ee949f391d7

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
server
nginx/1.10.3 (Ubuntu)
x-img
thmbor3
etag
"378b9f8310b6a371a5159f9505288435ffe08d1f"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-length
63062
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag
img
x-hw
1608495452.dop217.sk1.t,1608495452.cds219.sk1.hn,1608495452.cds052.sk1.c
Historys-Greatest-Mysteries-2048x1152-promo-16x9-1.jpg
1.bp.blogspot.com/-NQZP0cE9EWs/X9-czUP0YvI/AAAAAAAAbGg/Z4RBvskOYG08-nulYUjKXuTDvkYtICNFwCLcBGAsYHQ/s320/
16 KB
16 KB
Image
General
Full URL
https://1.bp.blogspot.com/-NQZP0cE9EWs/X9-czUP0YvI/AAAAAAAAbGg/Z4RBvskOYG08-nulYUjKXuTDvkYtICNFwCLcBGAsYHQ/s320/Historys-Greatest-Mysteries-2048x1152-promo-16x9-1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bd1436643629fb6f27921499d2146a33c10c4f64e13059debc2f76d15e2a971b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 19:30:01 GMT
x-content-type-options
nosniff
age
2851
content-disposition
inline;filename="Historys-Greatest-Mysteries-2048x1152-promo-16x9-1.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15940
x-xss-protection
0
server
fife
etag
"v6c69"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 21 Dec 2020 19:30:01 GMT
vaccine(1).jpg
beforeitsnews.com/contributor/upload/426438/images/
Redirect Chain
  • http://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg
  • https://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg
3 KB
4 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e6c6a5c70ffde44ad2cbab9dc28e907ed1ce5256a039de859acc0b143d77859
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
2808
cf-polished
origSize=3709, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3491
cf-request-id
072365ea6800002b715301a000000001
last-modified
Sun, 20 Dec 2020 19:27:23 GMT
server
cloudflare
etag
"5fdfa59b-e7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c23d83d2b71-FRA
expires
Mon, 20 Dec 2021 19:30:44 GMT

Redirect headers

Location
https://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg
Non-Authoritative-Reason
HSTS
syncranium_inner-veiw588.jpg
pterosaurheresies.files.wordpress.com/2020/12/
51 KB
51 KB
Image
General
Full URL
https://pterosaurheresies.files.wordpress.com/2020/12/syncranium_inner-veiw588.jpg?w=584&h=472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
639bbdccf8f434f55586e2ec4a2956ebf9ec7a046d46341f72ee779f1760488d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff, nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 28 np
date
Sun, 20 Dec 2020 20:17:32 GMT
x-content-type-options
nosniff, nosniff, nosniff
last-modified
Sun, 20 Dec 2020 17:34:48 GMT
server
nginx
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://pterosaurheresies.wordpress.com
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
52294
access-control-allow-credentials
true
expires
Tue, 26 Jan 2021 11:17:26 GMT
solarwinds.jpg
stateofthenation.co/wp-content/uploads/2020/12/
193 KB
193 KB
Image
General
Full URL
http://stateofthenation.co/wp-content/uploads/2020/12/solarwinds.jpg
Protocol
HTTP/1.1
Server
192.124.249.6 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
3d1fa5d5a2c91f3efe1433cb5debe6268a56c9f1a4b60d841393b509a30cf45b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 20:17:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 20 Dec 2020 10:34:04 GMT
Server
Sucuri/Cloudproxy
ETag
"4636cb-3039c-5b6e2e1717a97"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-Sucuri-Cache
HIT
Cache-Control
max-age=315360000
X-Sucuri-ID
19006
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
197532
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vaccine-kiowa-press-1024x619.jpg
www.naturalblaze.com/wp-content/uploads/2020/12/
70 KB
71 KB
Image
General
Full URL
https://www.naturalblaze.com/wp-content/uploads/2020/12/vaccine-kiowa-press-1024x619.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:8fb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf7b9414519d200832e0c5f940f107ddb8ae3815a0e38f9ab829daa612b719aa

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3388
content-length
71618
cf-request-id
072365ea8200004a7369a1c000000001
last-modified
Sun, 20 Dec 2020 18:18:51 GMT
server
cloudflare
etag
"5fdf958b-117c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k58cPgEy65VRVUfVTeDxTB66b1iLkJPE%2Bgn7u2iX3HEd0WNNqWk%2BBwVyDsTfZX1cX%2BLuQnTfAMBrdvXZI%2FJXgMA4A8kK9ERtFjAodySO401BGpXU%2BQgWemTZDyuEYvC60Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
604c0c240f6d4a73-FRA
hqdefault.jpg
img.youtube.com/vi/KIAhqAeD_NE/
43 KB
43 KB
Image
General
Full URL
https://img.youtube.com/vi/KIAhqAeD_NE/hqdefault.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c16b67bdb7638f2c64b187a01987f29c76ff9c66711a632f800a1efdfa6fc0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:13:05 GMT
x-content-type-options
nosniff
server
sffe
age
267
etag
"1608489599"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43784
x-xss-protection
0
expires
Sun, 20 Dec 2020 20:18:05 GMT
share-to-parler.png
gellerreport.com/wp-content/uploads/2020/12/
15 KB
16 KB
Image
General
Full URL
https://gellerreport.com/wp-content/uploads/2020/12/share-to-parler.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.17 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
3db952fba727a392d87f18ad9028754c8b9fd2e206e3330eaf763615432fd3ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Dec 2020 13:11:53 GMT
server
nginx
etag
"5fcf7b99-3dae"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
15790
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
paiul-772245.jpg
beforeitsnews.com/contributor/upload/106013/images/
51 KB
51 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/paiul-772245.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf53baa29daf3ca6c8b68724293091277b58cf96f108f67cf019327b256863b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4137
cf-polished
origSize=52977, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51817
cf-request-id
072365ea3f00002b711b346000000001
last-modified
Mon, 20 Jul 2020 11:01:57 GMT
server
cloudflare
etag
"5f1579a5-cef1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c239f672b71-FRA
expires
Mon, 20 Dec 2021 19:08:35 GMT
Covis19-vaccine-DNA-damage.jpg
beforeitsnews.com/contributor/upload/662794/images/
Redirect Chain
  • http://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg
  • https://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg
21 KB
21 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544b6143f0f3e268c98bc912bef093875321be1cc12116e54929cfef86ad7bea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4331
cf-polished
origSize=22452, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21422
cf-request-id
072365ea7c00002b711491d000000001
last-modified
Sun, 20 Dec 2020 19:03:43 GMT
server
cloudflare
etag
"5fdfa00f-57b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c23f88d2b71-FRA
expires
Mon, 20 Dec 2021 19:05:21 GMT

Redirect headers

Location
https://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg
Non-Authoritative-Reason
HSTS
1-earth-sos-conceptual-image-detlev-van-ravenswaay.jpg
images.fineartamerica.com/images-medium-large/
84 KB
85 KB
Image
General
Full URL
http://images.fineartamerica.com/images-medium-large/1-earth-sos-conceptual-image-detlev-van-ravenswaay.jpg
Protocol
HTTP/1.1
Server
2600:9000:2093:4000:d:8a0c:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36fe45df416d7f6e22dcb693f50939a972ee5f50bfb0170e9b83a6415471712f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Dec 2020 10:15:01 GMT
Via
1.1 acc2c574ca468bfb1281581bb9fd9e8a.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 13 May 2013 21:52:00 GMT
Server
AmazonS3
x-amz-request-id
EDC53F3869ECA969
ETag
"93ef4b62ea98634b776d32f14ab1dd23"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
public, max-age=1296000
X-Amz-Cf-Pop
HAM50-C1
Accept-Ranges
bytes
Content-Length
85941
x-amz-id-2
cg6+AKf46C2+uyAYgg6ll74hDexGNX1HqrnbHHGR+zNJenKpDxXLzjJIV5mZahxWsCbpqKqXjuw=
X-Amz-Cf-Id
kSwnTidp3BqF8GrrUwMeBk926DUQnrEp2nQVj55WWCZFShxuJBe38w==
Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg
beforeitsnews.com/contributor/upload/724569/images/
Redirect Chain
  • http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg
  • https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg
40 KB
40 KB
Image
General
Full URL
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5213080107079508d6ec845ffafacd4667e4afd0fa3743905fa5d58b23adf89
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3767662
cf-polished
origSize=46302, status=webp_bigger
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40760
cf-request-id
072365ea9e00002b713a3d6000000001
last-modified
Tue, 03 Nov 2020 00:06:22 GMT
server
cloudflare
etag
"5fa09efe-b4de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
604c0c24292c2b71-FRA
expires
Sun, 07 Nov 2021 05:43:10 GMT

Redirect headers

Location
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg
Non-Authoritative-Reason
HSTS
rev2.min.css
cdn.revcontent.com/build/css/
83 KB
23 KB
Stylesheet
General
Full URL
https://cdn.revcontent.com/build/css/rev2.min.css?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2020 21:50:30 GMT
etag
"1608241830"
x-hw
1608495452.cds065.sk1.hn,1608495452.cds224.sk1.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2696
accept-ranges
bytes
content-length
23124
rev2.min.js
cdn.revcontent.com/build/js/
280 KB
84 KB
Script
General
Full URL
https://cdn.revcontent.com/build/js/rev2.min.js?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6df1457515a690c33717b2eca10548b3fbe947e30b05365471a2d04ba64273af

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2020 21:50:30 GMT
etag
"1608241830"
x-hw
1608495452.cds065.sk1.hn,1608495452.cds209.sk1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=6292
accept-ranges
bytes
content-length
85554
42eec848aeec054d87c759df07fd4365.jpeg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
8 KB
8 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/42eec848aeec054d87c759df07fd4365.jpeg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a9b1dac4640ae24465170fdc8a89216f09922c0ec41e9dc668c4d7d5d0650359
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="42eec848aeec054d87c759df07fd4365.webp"
server-timing
fastly;dur=1;cpu=0;start=2020-11-17T19:42:12.442Z;desc=hit,rtt;dur=0
content-length
8068
last-modified
Tue, 10 Nov 2020 17:43:00 GMT
server
Cloudinary
etag
"069af10ceb55ac50a045fa2586973bd4"
vary
Accept
x-hw
1608495452.cds053.sk1.hn,1608495452.cds043.sk1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15734583750160732187.jpeg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
12 KB
13 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/15734583750160732187.jpeg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d0c4a0905128c55af84ba63f373a41f557f2543aedb8d7ae426d129b96dfd174
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="15734583750160732187.webp"
server-timing
fastly;dur=138;cpu=0;start=2020-12-12T17:27:22.917Z;desc=miss,rtt;dur=0,cloudinary;dur=45;start=2020-12-12T17:27:22.962Z
content-length
12724
last-modified
Thu, 13 Aug 2020 13:59:41 GMT
server
Cloudinary
etag
"784b205c632a554b86ee9578f3a1f1a7"
vary
Accept
x-hw
1608495452.cds053.sk1.hn,1608495452.cds202.sk1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
68e4db568296e2149cd9335740792bc9.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
11 KB
11 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/68e4db568296e2149cd9335740792bc9.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7eb9890c6dc36dac5de03c9324d0d43cc3cd7bbf84677cb0d4756cf2bf04121c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="68e4db568296e2149cd9335740792bc9.webp"
server-timing
fastly;dur=1;start=2020-10-20T15:41:26.558Z;desc=hit,rtt;dur=0
content-length
11492
last-modified
Thu, 13 Aug 2020 13:59:19 GMT
server
Cloudinary
etag
"4fcd899994e826b03692aad31351bbc8"
vary
Accept
x-hw
1608495452.cds053.sk1.hn,1608495452.cds202.sk1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15668969740703842202.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
33 KB
33 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/15668969740703842202.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
5b3bfe799da558857b11d4b32be4aa2ab97c5c7023630d4223846c825a551c53
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="15668969740703842202.webp"
server-timing
fastly;dur=1;start=2020-10-20T15:23:14.114Z;desc=hit,rtt;dur=1
content-length
33718
last-modified
Thu, 13 Aug 2020 13:59:15 GMT
server
Cloudinary
etag
"0278445402cfcdf317daa1702e2fb560"
vary
Accept
x-hw
1608495452.cds053.sk1.hn,1608495452.cds046.sk1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald|Scada
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24f9f738d7dfc72a5d156f1d0f255ff3cfeba564708dc8cfbc0c20e929cc5c63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Dec 2020 20:17:32 GMT
server
ESF
date
Sun, 20 Dec 2020 20:17:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Dec 2020 20:17:32 GMT
5fb646e79d8d94-96702068.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
11 KB
12 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/5fb646e79d8d94-96702068.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
08e24203faefd371ec6a5cc290fa676a3ac558f20b4b45f0e21196ea3a8b5162
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="5fb646e79d8d94-96702068.webp"
server-timing
fastly;dur=1;cpu=0;start=2020-11-20T09:59:38.115Z;desc=hit,rtt;dur=1
content-length
11768
last-modified
Thu, 19 Nov 2020 19:37:37 GMT
server
Cloudinary
etag
"91be45768c529215b40725adcb062c7e"
vary
Accept
x-hw
1608495452.cds053.sk1.hn,1608495452.cds049.sk1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
c880b053706800a9676c62fd28b4323c.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
15 KB
15 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/c880b053706800a9676c62fd28b4323c.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
4ae6fadc73877dabecc11d3d53f3e1ce41cb0aa533472404d7bd024890e6e7b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:17:33 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="c880b053706800a9676c62fd28b4323c.webp"
server-timing
fastly;dur=462;cpu=0;start=2020-11-17T19:45:22.053Z;desc=miss,rtt;dur=0,cloudinary;dur=55;start=2020-11-17T19:45:22.407Z
content-length
15352
last-modified
Tue, 10 Nov 2020 17:41:28 GMT
server
Cloudinary
etag
"02da6946f8a02c385de584df45176505"
vary
Accept
x-hw
1608495453.cds053.sk1.hn,1608495453.cds049.sk1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v35/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v35/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Scada
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://beforeitsnews.com
Referer
https://fonts.googleapis.com/css?family=Oswald|Scada
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 22:14:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 19:17:24 GMT
server
sffe
age
511374
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12672
x-xss-protection
0
expires
Tue, 14 Dec 2021 22:14:38 GMT
RLpxK5Pv5qumeVJvzTQKbVvu.woff2
fonts.gstatic.com/s/scada/v9/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/scada/v9/RLpxK5Pv5qumeVJvzTQKbVvu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Scada
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
788a08bf62ef367edb51976a66fd9c5abc5ad55f4fa1ac66d3abde2ac76da67e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://beforeitsnews.com
Referer
https://fonts.googleapis.com/css?family=Oswald|Scada
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 00:22:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:20:39 GMT
server
sffe
age
158125
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8984
x-xss-protection
0
expires
Sun, 19 Dec 2021 00:22:07 GMT
imp.php
trends.revcontent.com/
0
196 B
XHR
General
Full URL
https://trends.revcontent.com/imp.php
Requested by
Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://beforeitsnews.com
date
Sun, 20 Dec 2020 20:17:33 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
0
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
imp.php
trends.revcontent.com/
0
197 B
XHR
General
Full URL
https://trends.revcontent.com/imp.php
Requested by
Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://beforeitsnews.com
date
Sun, 20 Dec 2020 20:17:33 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
0
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| CloudflareApps function| $ function| jQuery function| MobileDetect function| uuid function| hasCookie function| isAdmin function| isEditor function| isLoggedIn function| isLocalhost function| add_commas function| showDate function| localizedDate function| setCookie function| getCookie function| deleteCookie function| showLogin function| doAJAX function| updateTrumpFeed function| updateVisitorsNow function| cut_text2 function| cut_text function| runTrimTextScript function| trimText function| runTrimTextScript2 function| loadJsDynamic function| loadCssDynamic function| removeJsCssDynamic function| load_dynamic_ads function| uploadNewsClick function| showSignUpForm function| b4inPolling function| b4inGetUuid function| updateUsersOnline function| countOnlineUsers function| adDisable function| adDismiss function| get_random_integer function| counter_ads_direct function| onclick_ads_direct function| counter_banners_direct function| rotating_JSCode function| rotating_JSDisplay function| counter_ads_contract function| onclick_ads_contract function| counter_banners_contract function| carousel_god_word function| incr_views_god_word function| incr_clicks_god_word function| show_god_word function| god_word_video_onmouseover function| god_word_video_onmouseout function| god_word_video_onclick function| ccp_virus_video_onmouseover function| ccp_virus_video_onmouseout function| yt_video_onmouseover function| yt_video_onmouseout function| yt_video_onclick function| incr_views_videos_rotating function| incr_clicks_videos_rotating function| show_videos_rotating function| videos_rotating_onclick function| gaTrackPageviewCustom function| parseJSAtOnload string| file_extend object| arr_text1 object| arr_text2 object| arr_text number| _sf_startpt number| top50_page_loaded number| newest_page_loaded number| day_page_loaded number| week_page_loaded number| month_page_loaded number| year_page_loaded number| all_page_loaded number| loaded function| gtag object| dataLayer function| googleTranslateElementInit object| google object| wlvsvsvwsjok string| tnkbsrigsnohbke object| rew number| c_start string| b4inUuid number| c_end object| d object| google_tag_manager object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| google_tag_data string| GoogleAnalyticsObject function| ga object| closure_lm_180808 object| _mgIntExchangeNews object| onClickExcludes function| MarketGidLoadGoods351459 function| MarketGidCReject351459 function| AdskeeperLoadGoods351459 function| AdskeeperCReject351459 function| LentaInformLoadGoods351459 function| LentaInformCReject351459 function| IdealMediaLoadGoods351459 function| IdealMediaCReject351459 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle number| __a object| gaplugins object| gaGlobal object| gaData function| MarketGidLoadGoods720412_0ee1c function| MarketGidCReject720412 function| AdskeeperLoadGoods720412_0ee1c function| AdskeeperCReject720412 function| LentaInformLoadGoods720412_0ee1c function| LentaInformCReject720412 function| IdealMediaLoadGoods720412_0ee1c function| IdealMediaCReject720412 boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageView310742 function| LoadCriteoAllPlaces351459 boolean| i.js.loaded boolean| i-noref.js.loaded function| LoadCriteoAllPlaces720412_0ee1c function| v3_homepage_loadmore_recent_posts function| v3_list_loadmore_recent_posts function| v3_list_loadmore_video function| v3_live_stream_loadmore function| v3_contributor_stories_loadmore function| v3_show_tabs_more_items function| v3_load_video function| _load_top50_articles function| _load_newest_articles function| _load_top_articles_by_day function| _load_top_articles_by_week function| _load_top_articles_by_month function| _load_top_articles_by_year function| _load_top_articles_by_all object| jQuery172031866908344835276 function| show_banners_direct_regular_left function| show_banners_direct_regular_right function| show_banners_direct_mobile_left function| show_banners_direct_mobile_right function| show_banners_direct_for_regular_page function| show_banners_direct_for_mobile_page function| show_banners_contract function| show_live_stream function| increment_views_rotating_text_links function| incr_clicks_rotating_text_links function| tracking_clicks_rotating_text_links function| show_rotating_text_links function| save_ad_code function| get_ad_code function| getAdContent function| antiAdBlocker function| web_show_most_recent_stories_list function| mobile_show_most_recent_stories_list function| getCountryCode object| mobile_device_detector object| OneSignal object| ldAdInit function| trim function| validateFormOnSubmit function| validateFeedOnSubmit function| validateEmpty function| validateEmptyEditor function| validateEmptyTextarea function| validateSelect function| validateUsername function| validatePassword function| validateEmail function| validatePhone function| validateCaptcha function| validateSubmitionAjaxCaptcha function| validateUrl function| checkUserEmail function| checkUserPassword function| checkUserPasswordRetype function| checkUserPenname object| _ldAdIdMap boolean| rioc_required object| rc_head object| rc_body object| rc2css object| rc2js object| rcel object| rcds object| beaconNoScript object| rc_loaded_widgets undefined| rc_chosen_interests number| rc_loader_limit number| rc_loader_runs object| rc_loaded_hashes object| rcsc object| RevContentLoader string| rc_p_uuid number| provider string| do_branding object| Base64 function| rcjq boolean| scrolled boolean| swiped boolean| resized function| Hammer object| jQuery110205000234986451668

7 Cookies

Domain/Path Name / Value
beforeitsnews.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22Pz5F.VsHR%22%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1608495449672%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1608495449703%7D%7D
.beforeitsnews.com/ Name: _gat_gtag_UA_16055024_1
Value: 1
.beforeitsnews.com/ Name: _gid
Value: GA1.2.810859892.1608495449
beforeitsnews.com/ Name: b4in-uuid
Value: 4efd4f37-0505-47d5-a4c5-89732c4d8aa0
beforeitsnews.com/ Name: SERVERID
Value: s2
.beforeitsnews.com/ Name: _ga
Value: GA1.2.1311208604.1608495449
.beforeitsnews.com/ Name: __cfduid
Value: db60e75ff07b459ba5b86a1b7394a85471608495448

6 Console Messages

Source Level URL
Text
console-api info URL: https://beforeitsnews.com/(Line 494)
Message:
[Web Cached] Loaded time: 0.00291s
console-api log URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js(Line 33)
Message:
Save the new UUID to a cookie what will expire after 1000 days
console-api debug URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020112020(Line 1)
Message:
[object HTMLImageElement]
console-api info URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js(Line 39)
Message:
adsVideosRotating: id23 views: 1,771.9k
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ams.creativecdn.com
beforeitsnews.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.mgid.com
cdn.onesignal.com
cdn.revcontent.com
cdn2.lockerdomecdn.com
cf.girlsaskguys.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gellerreport.com
herbanomics.postaffiliatepro.com
i.imgflip.com
i.ytimg.com
iili.io
images.fineartamerica.com
images.revcontent.com
img.theepochtimes.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
l.sharethis.com
lockerdome.com
m.thebl.com
match.adsrvr.org
media.townhall.com
media0.giphy.com
pagead2.googlesyndication.com
platform-api.sharethis.com
pterosaurheresies.files.wordpress.com
px.adhigh.net
rddywd.com
s-img.mgid.com
s.w.org
s3.amazonaws.com
secure-assets.rubiconproject.com
servicer.mgid.com
stateofthenation.co
static-3.bitchute.com
stats.g.doubleclick.net
sync.go.sonobi.com
tntrafficticket.us
translate.google.com
translate.googleapis.com
trends.revcontent.com
upload.wikimedia.org
www.dancebase.co.uk
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.jetnation.com
www.morningstar.ng
www.naturalblaze.com
www.rumormillnews.com
www.stripes.com
www.youtube.com
x.bidswitch.net
104.154.142.214
104.16.221.74
104.18.64.15
104.19.132.78
104.19.216.61
151.101.14.2
151.139.128.11
151.139.242.29
168.62.40.228
172.217.22.66
178.162.133.149
18.194.149.70
18.202.41.158
185.184.8.30
185.59.220.193
192.0.72.28
192.0.77.48
192.124.249.17
192.124.249.6
193.232.148.160
204.13.239.203
205.185.216.42
213.138.111.133
23.37.42.132
2600:9000:2070:7800:1c:8a07:5e80:93a1
2600:9000:2093:4000:d:8a0c:6440:93a1
2600:9000:21c7:200:c:abe:f440:93a1
2600:9000:2204:1e00:c:a9b7:ddc0:93a1
2606:4700:10::ac43:e6e
2606:4700:20::ac43:4728
2606:4700:3032::681b:80dd
2606:4700:3033::681b:8fb8
2606:4700:3034::681c:1cf1
2606:4700:3036::681b:95d9
2606:4700:3036::ac43:9f4c
2606:4700::6812:e134
2620:0:862:ed1a::2:b
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:814::2004
2a00:1450:4001:815::200a
2a00:1450:4001:815::200e
2a00:1450:4001:817::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:820::200a
2a00:1450:4001:821::2016
2a00:1450:4001:824::2004
2a00:1450:4001:825::2002
2a00:1450:400c:c06::9c
35.157.252.59
35.226.130.62
45.33.2.97
45.79.195.246
52.216.16.179
54.216.123.169
81.19.215.5
021deaf90ebdbb1fb73e91354e4f5727bf014b87efc23f2f4005f8dc08ca0949
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
068cfc47e4df1a96edc34feae19e7038274de7b1cafc9f733d72627d22471822
076a94b81494d3391aef8d653126cf909d60999aec689ee2a1b4c048d042948a
08e24203faefd371ec6a5cc290fa676a3ac558f20b4b45f0e21196ea3a8b5162
0d20a1591dde0743e137347b77f33c79b3584572ea652a6fc646888126b11279
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
10d64deb33acf97c1cbe01c76e6f4cdc68b74314857d16cd14e48efc07ba1c68
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
18f19bd3e00fe8248d8c715e257c2ceab27f19092344b6a16d6f0636cad76131
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
202592cabd88a9b1b38ecae8c933a78f9f39355ffc9b2f24aadd13eda9518a2a
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
217e9091d2fdc535b6bd04ca61b1758b51088f194076f39c6693d4b3aa37dd83
24f9f738d7dfc72a5d156f1d0f255ff3cfeba564708dc8cfbc0c20e929cc5c63
2a6e86570464befe62f0ad86019c338114068721e30b377cad095eeef4792522
2b7929406c9755bddeee14792c5bc628ed511e22c49aa54d43181307ca7bed67
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2d6a0749dbb73160c55a10dc21e19938801bf0de055951aced9ef81e0be74fb5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
30bfc868243575bd7a29d4f8d36a453b5570f2e8792f1ba989fee23ee04ab890
30f0e80aa16c0703f0454dbf4b88664fd7fac80466a92f455559c77b57f80f4c
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3294edd61742f6999c2213e052f5f42b0dd238a09302160e0a46d38eabe0d9a3
33848ec15971b15bb25dd1e42dd1abcfb0b521c8c1363e5ffd5da7804a38ccb0
35a82ddaf03e843fc4768f9bce9fb256510d791d9dadac092442f284ffb8caf3
36fe45df416d7f6e22dcb693f50939a972ee5f50bfb0170e9b83a6415471712f
3d1fa5d5a2c91f3efe1433cb5debe6268a56c9f1a4b60d841393b509a30cf45b
3db952fba727a392d87f18ad9028754c8b9fd2e206e3330eaf763615432fd3ee
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
42ad5e7034d51439f53541b9f772f5e4ef07b085f1e5cdc381b01872a02d131f
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
44b7cddb2ec0a1c841d8e1fa306ba61194864db42ac45b53ce2728e16136c40c
47f5b2ba7dc4b1d498cf2f83bb1df236323a984a0d58e7a38e19951e39bd176f
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
4ae6fadc73877dabecc11d3d53f3e1ce41cb0aa533472404d7bd024890e6e7b5
4b8d83e7decc8feec96194f003cd69da6f694aefcf0eed0b01522d46dcb89099
4bb0649166a5575c83f03ea06978efc661b48b66a9706c10be152939253cfdbd
4c50101c34398597ac1ea3e5358ea9e1d801807b0317b4363252bd95193614ca
4e2207c38919b05b8578851d7ff15fc178de9efcda7f94950c70610c8d06c4b2
52bcbc75a56327b3391fb00b5a2769614044e06ea3628c651586b2159652cdc5
544b6143f0f3e268c98bc912bef093875321be1cc12116e54929cfef86ad7bea
5abd1fc8bb2f006078e2cd79cabd76eeb26b4c6c9335fa27ab6c9aaa223fb178
5b3bfe799da558857b11d4b32be4aa2ab97c5c7023630d4223846c825a551c53
5cadb2efa411cb626f434491a682fc63a4ff7a8f621521bd0531494e76eed873
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
616f3c5387758aff936d47c41a8ef8cc07b400b64b3d3e5d07634b2e31de4773
639bbdccf8f434f55586e2ec4a2956ebf9ec7a046d46341f72ee779f1760488d
6566bdeb0f8c591832702768ab4ad31fc960f2f0a9b9dbb76cb94e411156fdb9
6577682a5529ae8edd2fde1f3e5c68ef89277a0f12d47c413d10b7d8052621dc
670dafc78bf28e92c618b32088cb7398f402bbf4f7135e224532fd391848f5c2
6a913174f23ae7ddee498f45566d9ebb0544343afe5d486bb3f7f6ce6eaa6d49
6b6e3ebaf6239b54e5814a5f4d16adecd07cd73642d10f9f5cf7190ae9b9c3d2
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
6c6c9cba488a916983d814fde518217ea8b6ed7d286f6c48d262108e72f814f3
6d3fded1f2cf2fb3e7347408392b688efc920047702435afc9d17244e802496f
6df1457515a690c33717b2eca10548b3fbe947e30b05365471a2d04ba64273af
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
7183658fcfd17c30c370bc1cc7a8ca0cf708e79883f06273b10a4c266ebb66df
72c8257271d5ac677ab2c9ff8a29220a7128c639b73db95db9cf3ad03ef96f7c
787a94617c4a8b88d9f0a92e0eac8fed28c7d35f296028a550725464aee28539
788a08bf62ef367edb51976a66fd9c5abc5ad55f4fa1ac66d3abde2ac76da67e
7965c26cebd0d53bf6221be5b8ac482fc7cf532c099fee646afa5b6afc07ce51
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
79ea20c2453d614642047c888d9a9abe70f74839a3ab9f6f3450441f0d6d9042
7ba3b956d2451a7dbd3bcb576840e205a226067da7bd7b6c709fa07137d9bced
7eb9890c6dc36dac5de03c9324d0d43cc3cd7bbf84677cb0d4756cf2bf04121c
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7ffb67ad8dc98a3891ae39f32c274b98e9b9ce7e96c1cb99468c16119b82d02e
81ef4e25e521f81d0efd5d1dd5885a1e4e39b1b9974bdc3117d7a9dbc1133e84
8286ea3b6cc5ae49e5a9f5c3f76cdcfb6433e338f85a03cfd9a0bbbd914a82f2
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
83980d2c6be63121ae377e3315c6bdc744309de315d43983dbadf8bd611b4a28
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
864af76ad523736a2f3966f74b8a53e43375d6112bc7a2594d505a2346ae8bf5
869f59c636c830291e34258562dd42f73c35334e267037c93770001d61f78a49
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87f59e3c5be59bfece610b46176dd43b441660a01d5225f98e94c287b30e39c0
8e6c6a5c70ffde44ad2cbab9dc28e907ed1ce5256a039de859acc0b143d77859
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
904df826ac2b2bc80617fe91ac632a4aaea6c2ebccf269bf87f355deb39d870e
911a95b5ebc85069d70b49165bbb081f87277d48f598648e9f3f57a576ce0d59
914aaf00570039622940a10c515c390e0bdb29e14a4cb1e3c3598cca05e8ead2
91deab5909098b75940723c849ddf4e06246f29be63c12862b741e23fa82470b
95bb6c27d9aa0cf2a04f1cef53d7e76848cbf984eb51802b7280809c420ffb53
9717f3593f6430313f4dea2f062410dfcba266815e06a3526dde931497295f73
9ab8d3ab886ebd79b8127eb85c077b40f7c5e92fb28da6526aa421188910c793
9f9efff5970b479d5a02f300e10b15f5529c38c10a19906a1ac900484581f30e
a1c5ca09f2fe63aa454e4f33337f32024dd0191adfe2316321aca763d9b12267
a30390ed3206a8f05a65b99556f6f732dac17ee26ef5a774f6d10980bd25a985
a54585280d1028d7638386af088652705a69740d5a8f296eafc7f98ba8554c3d
a7076ae1f2fdb36099390661d9b82ff46cb3b4256bd3f31160f959f2e87e425b
a855d275afd3638c7d7d62e6b27285a2534fc64d07529fc20e4ff4ca15fba21b
a8a4acaab8f3d266a9544ed317d780e3c5f4567692806f0450ea30ca8a17862e
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
a9b1dac4640ae24465170fdc8a89216f09922c0ec41e9dc668c4d7d5d0650359
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
abe20d0d93c6b8e49e75dcc575d4e7acb994a7b382077ecfa5eb363002fe9fca
af030f5110b979cdb6088e157af646ed84fb48843cdf9003b5cbd652fca89f4b
b1d10f374a222e7a7d724948597eac631b69416251cbad0396610788157a10b6
b22fc6d703979388d59088e1c24a7ca8e3047e75191119a95f7598a73abe072d
b989b0a6c065a5c25053eec3f2528cd8dab878f8110b0b2183fc459caee6336e
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bd1436643629fb6f27921499d2146a33c10c4f64e13059debc2f76d15e2a971b
bd2a129f29805ca234b0c8374aec9b74a9795d1a0d1c3335bf42041839e843aa
bd54d4a7921368bbd3e05cf10723d022ba0835e9803c58d7f52d5ecf75c27422
bf53baa29daf3ca6c8b68724293091277b58cf96f108f67cf019327b256863b6
c16b67bdb7638f2c64b187a01987f29c76ff9c66711a632f800a1efdfa6fc0f4
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
c45b1eec80e5b5d7f5db645c857a91d38160f5985214f5c0f0662236c4e5a513
c5213080107079508d6ec845ffafacd4667e4afd0fa3743905fa5d58b23adf89
c7713f7108560b28c40f0e7fcd50f5ce1ffe3db8ab45724c79efa0c56c03ce07
c7a2c052f383509ac9ec9da7f34cccc4c1d35040799426588c54a0d83cd9628f
ca6c4dae8dc680a4595921bae7b66ab8bede58bee181a639464d14d1e780ddf5
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb3c8e6d8177ed58739c0338a0de6acb391d0f0a857f0a351a99482061137455
cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7b9414519d200832e0c5f940f107ddb8ae3815a0e38f9ab829daa612b719aa
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0c4a0905128c55af84ba63f373a41f557f2543aedb8d7ae426d129b96dfd174
d1ad2e69f7c7ccca553946ca3ce67e4249ad4315d7341136f1fdb6559d33e7f7
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
dc6e1b8131c07cdfaed4ee217aa32ca0e0b991a22132380f547f00af45cf49d1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e11856b669d80ade06681b95ec9d41db8534aeeb3ea8065652976e2bc047f2f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4c604a41fcbff202d58a5849f90896ce094a515b46afd1133442ad96dd7f2c3
e80051a222c17f6e0ef65e14e863278c0b1167c03e3715e81c67385600aa83b4
ea54ee23191f7f09b213ea87e149b4c52082f0f68dafe5a48f200a829f55da48
ed0549c6c4d11bd4fa70f8bfc652dda717a3c172d5feb72b25c96d1e350832e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff11b862f4349b2473385aa90d66e0ac6d3be33f4c288a42715e351a6d72186
f1757be70e528aef621f4ab0c6a59588aafbc48452270d3b62847ee949f391d7
f4916adfebd1959a0ce2e6096d68af2ec3eadf4e7157fb2a5c265c16605e9eee
f58900c46838dd616dac2002cb511eac3c10753adc10a855073c883e0785f81c
fab3d4e67f3f1725b7cd2d196dc1c9d4a87ef8b2f7c42884878e66f549426df3
fad8c9f03c024d5b95c3503270dad839a5b3805c8f6cc32e013feb29890e31e9
fb3510b827835b851396cd05695713efff68826162ca27a73298fb29ee46a1f0
fb60bec727121d5594d984f8313dc70aac2ba35e977d9db9030e2402c3515a27
fd7dc2b9d1e9e9562ceb6ff721a7ff6a07fe97816074bc58ce14ce16a61aaf07
ff943bf582a2b6018789b174549a271cec3f8e9eca1a0375452bc9f32d38e140