beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On December 20 via api (December 20th 2020, 8:17:49 pm UTC) from GB

Summary HTTP 183 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 52 domains to perform 183 HTTP transactions. The main IP is 2606:4700:10::ac43:e6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 56	2606:4700:10:... 2606:4700:10::ac43:e6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
4	52.216.16.179 52.216.16.179	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3034::681c:1cf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:821::2016	15169 (GOOGLE) (GOOGLE)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	104.18.64.15 104.18.64.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.59.220.193 185.59.220.193	60068 (CDN77) (CDN77)
1	2606:4700:20:... 2606:4700:20::ac43:4728	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::681b:95d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	81.19.215.5 81.19.215.5	25369 (BANDWIDTH-AS) (BANDWIDTH-AS)
1	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY)
1	168.62.40.228 168.62.40.228	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:303... 2606:4700:3036::ac43:9f4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.226.130.62 35.226.130.62	15169 (GOOGLE) (GOOGLE)
1	213.138.111.133 213.138.111.133	35425 (BYTEMARK-AS) (BYTEMARK-AS)
1	45.79.195.246 45.79.195.246	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:207... 2600:9000:2070:7800:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
21	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::681b:80dd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21c... 2600:9000:21c7:200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:220... 2600:9000:2204:1e00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.194.149.70 18.194.149.70	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1 2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5 5	35.157.252.59 35.157.252.59	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.148.160 193.232.148.160	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.216.123.169 54.216.123.169	16509 (AMAZON-02) (AMAZON-02)
6	18.202.41.158 18.202.41.158	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	45.33.2.97 45.33.2.97	63949 (LINODE-AP...) (LINODE-AP Linode)
1	204.13.239.203 204.13.239.203	55106 (DATACATE-AS1) (DATACATE-AS1)
9	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	192.0.72.28 192.0.72.28	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.124.249.6 192.124.249.6	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2606:4700:303... 2606:4700:3033::681b:8fb8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.124.249.17 192.124.249.17	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2600:9000:209... 2600:9000:2093:4000:d:8a0c:6440:93a1	16509 (AMAZON-02) (AMAZON-02)
183	57

56 2606:4700:10::ac43:e6e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.216.16.179 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::681c:1cf1 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:821::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.64.15 (United States)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-185-59-220-193.datapacket.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4728 (United States)

ASN13335 (CLOUDFLARENET, US)

cf.girlsaskguys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681b:95d9 (United States)

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.215.5 (United Kingdom)

ASN25369 (BANDWIDTH-AS, GB)
PTR: delta.cloudns.io

www.morningstar.ng	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

media0.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.62.40.228 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.stripes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:9f4c (United States)

ASN13335 (CLOUDFLARENET, US)

m.thebl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.226.130.62 (United States)

ASN15169 (GOOGLE, US)
PTR: 62.130.226.35.bc.googleusercontent.com

tntrafficticket.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.138.111.133 (United Kingdom)

ASN35425 (BYTEMARK-AS, GB)
PTR: lauren-live.default.laurenkyla.uk0.bigv.io

www.dancebase.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.195.246 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)

www.rumormillnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:7800:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::681b:80dd (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21c7:200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:1e00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.149.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-149-70.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.252.59 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-252-59.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.160 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.123.169 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.202.41.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.33.2.97 (Dallas, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li956-97.members.linode.com

herbanomics.postaffiliatepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.13.239.203 (United States)

ASN55106 (DATACATE-AS1, US)

www.jetnation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

img.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

media.townhall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.28 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pterosaurheresies.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.6 (United States)

ASN30148 (SUCURI-SEC, US)

stateofthenation.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681b:8fb8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalblaze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.17 (United States)

ASN30148 (SUCURI-SEC, US)

gellerreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2093:4000:d:8a0c:6440:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.fineartamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	beforeitsnews.com 1 redirects beforeitsnews.com	1 MB
21	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	217 KB
14	revcontent.com trends.revcontent.com cdn.revcontent.com images.revcontent.com	339 KB
14	youtube.com img.youtube.com www.youtube.com	318 KB
9	googleapis.com fonts.googleapis.com translate.googleapis.com www.googleapis.com	101 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	62 KB
6	ytimg.com i.ytimg.com	580 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	bitchute.com static-3.bitchute.com	188 KB
4	amazonaws.com s3.amazonaws.com	404 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
3	google.com translate.google.com www.google.com	2 KB
3	jamesredpillsamerica.com jamesredpillsamerica.com	35 MB
2	lockerdome.com lockerdome.com
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	adhigh.net 2 redirects px.adhigh.net	935 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	google-analytics.com www.google-analytics.com	19 KB
2	rddywd.com rddywd.com	1 KB
1	fineartamerica.com images.fineartamerica.com	85 KB
1	gellerreport.com gellerreport.com	16 KB
1	naturalblaze.com www.naturalblaze.com	71 KB
1	stateofthenation.co stateofthenation.co	193 KB
1	wordpress.com pterosaurheresies.files.wordpress.com	51 KB
1	blogspot.com 1.bp.blogspot.com	16 KB
1	townhall.com media.townhall.com	62 KB
1	w.org s.w.org	814 B
1	theepochtimes.com img.theepochtimes.com	37 KB
1	jetnation.com www.jetnation.com	45 KB
1	postaffiliatepro.com herbanomics.postaffiliatepro.com	1 MB
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	lentainform.com cm.lentainform.com	622 B
1	sonobi.com sync.go.sonobi.com	532 B
1	idealmedia.io cm.idealmedia.io	556 B
1	google.de www.google.de	107 B
1	consensu.org c.sharethis.mgr.consensu.org
1	googlesyndication.com pagead2.googlesyndication.com	47 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	rumormillnews.com www.rumormillnews.com	699 KB
1	dancebase.co.uk www.dancebase.co.uk	73 KB
1	tntrafficticket.us tntrafficticket.us	1 MB
1	thebl.com m.thebl.com	295 KB
1	stripes.com www.stripes.com	132 KB
1	giphy.com media0.giphy.com	1 MB
1	morningstar.ng www.morningstar.ng	8 KB
1	iili.io iili.io	235 KB
1	girlsaskguys.com cf.girlsaskguys.com	511 KB
1	imgflip.com i.imgflip.com	142 KB
1	wikimedia.org upload.wikimedia.org	14 KB
183	52

	Domain	Requested by
56	beforeitsnews.com	1 redirects beforeitsnews.com
12	img.youtube.com	beforeitsnews.com
10	s-img.mgid.com	beforeitsnews.com
6	images.revcontent.com	beforeitsnews.com
6	trends.revcontent.com	beforeitsnews.com trends.revcontent.com cdn.revcontent.com
6	cm.mgid.com	jsc.mgid.com beforeitsnews.com
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc beforeitsnews.com
6	i.ytimg.com	beforeitsnews.com
5	x.bidswitch.net	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com
5	static-3.bitchute.com	beforeitsnews.com
4	s3.amazonaws.com	beforeitsnews.com
3	jamesredpillsamerica.com	beforeitsnews.com
2	cdn.revcontent.com	beforeitsnews.com
2	www.youtube.com	beforeitsnews.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	match.adsrvr.org	2 redirects
2	px.adhigh.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	servicer.mgid.com	jsc.mgid.com
2	www.google.com	beforeitsnews.com
2	www.gstatic.com	translate.googleapis.com beforeitsnews.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	rddywd.com	beforeitsnews.com
2	jsc.mgid.com	beforeitsnews.com
2	fonts.googleapis.com	beforeitsnews.com
1	images.fineartamerica.com
1	gellerreport.com
1	www.naturalblaze.com
1	stateofthenation.co
1	pterosaurheresies.files.wordpress.com
1	1.bp.blogspot.com
1	media.townhall.com
1	s.w.org
1	img.theepochtimes.com
1	www.jetnation.com
1	herbanomics.postaffiliatepro.com
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	cm.lentainform.com	beforeitsnews.com
1	sync.go.sonobi.com	beforeitsnews.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.idealmedia.io	beforeitsnews.com
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.google.de	beforeitsnews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.mgid.com	beforeitsnews.com
1	l.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	platform-api.sharethis.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	www.googletagmanager.com	beforeitsnews.com
1	www.rumormillnews.com	beforeitsnews.com
1	www.dancebase.co.uk	beforeitsnews.com
1	tntrafficticket.us	beforeitsnews.com
1	m.thebl.com	beforeitsnews.com
1	www.stripes.com	beforeitsnews.com
1	media0.giphy.com	beforeitsnews.com
1	www.morningstar.ng	beforeitsnews.com
1	iili.io	beforeitsnews.com
1	cf.girlsaskguys.com	beforeitsnews.com
1	i.imgflip.com	beforeitsnews.com
1	upload.wikimedia.org	beforeitsnews.com
183	68

This site contains links to these domains. Also see Links.

Domain
www.herbanomic.com
mitocopper.com
eae4b40pdp-1n69sysld-70zex.hop.clickbank.net
tinyurl.com
db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net
www.fincabayano.net
polaraidhealth.com
225e505pjo7-s6cf1g5jdswy81.hop.clickbank.net
www.braintuner.com
trends.revcontent.com
widgets.mgid.com
brainberries.co
telegram.org
t.me
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
3b7d7s3fml0cpg51en5xn5u-xz.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
edgestatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2020-11-09` - `2021-11-16`	a year	crt.sh
static-3.bitchute.com Let's Encrypt Authority X3	`2020-11-24` - `2021-02-22`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-02` - `2021-04-23`	5 months	crt.sh
*.stripes.com DigiCert SHA2 Secure Server CA	`2020-08-21` - `2021-09-22`	a year	crt.sh
tntrafficticket.us Let's Encrypt Authority X3	`2020-10-27` - `2021-01-25`	3 months	crt.sh
dancebase.co.uk Sectigo RSA Domain Validation Secure Server CA	`2019-09-15` - `2021-09-29`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
*.postaffiliatepro.com RapidSSL RSA CA 2018	`2019-09-16` - `2021-09-26`	2 years	crt.sh
forums.jetnation.com R3	`2020-12-03` - `2021-03-03`	3 months	crt.sh
*.theepochtimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.townhall.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-21` - `2021-02-20`	2 years	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
gellerreport.com Go Daddy Secure Certificate Authority - G2	`2020-05-13` - `2021-05-13`	a year	crt.sh
cdn.revcontent.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-15` - `2021-02-13`	3 months	crt.sh
images.revcontent.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-15` - `2021-02-13`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 8FD8E26A18D3049E357080CD608ABAC3
Requests: 170 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Frame ID: 2151E2B6130C12E541A6EB2DE4E4AF3D
Requests: 5 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020112020
Frame ID: 263C0EBE1896CD90AAC05BD90BD100F0
Requests: 2 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 12D59A6717617D8552A5BBC9B97C472E
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 92E7C0CA105F25AA8E9E8E20CAAA3C56
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 5ACBF0BCF77A67277347D186A437577C
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1608495449679335494839
Frame ID: EE2644E77D62E89C9DB6961F3D863C4E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 8F55E275008819DE0E6C8B22F09D9B3D
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: AD5566A2977E671A1B0D1027FE26933A
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 83F79968E91F8211376C62AFFF8C7D95
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hdSplGl0fj4?rel=0&autoplay=0&mute=0
Frame ID: EA1AB4865D99BFFCDE91DADCA68BC665
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YHaSsqT6kf0?rel=0&autoplay=0&mute=0
Frame ID: BBD31EA11A25C5343E767EF7CC8C71FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

183
Requests

98 %
HTTPS

49 %
IPv6

52
Domains

68
Subdomains

57
IPs

8
Countries

45529 kB
Transfer

46815 kB
Size

7
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomic.com/productdirectory
Title: Shopping

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/ultracur-bioavailable-curcumin-complex/
Title: This Clinical Potency Curcumin is 14,000x Stronger for Fighting Pain and Inflammation! (VIDEO)

Search URL Search Domain Scan URL

URL: https://mitocopper.com/products/emf-blocking-smart-meter-cover
Title: DANGER - Shield Your Smart Meter! Protect Your Family from Illuminati Kill Grid!

Search URL Search Domain Scan URL

URL: https://eae4b40pdp-1n69sysld-70zex.hop.clickbank.net/?tid=BINBAN500

Search URL Search Domain Scan URL

URL: https://mitocopper.com/products/prodovite-mineral-phytonutrient-complex
Title: Most Vitamins are Trash! New Product Energizes Blood with Nutrition in 5 Minutes! (See Amazing VIDEO)

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c
Title: Try This New Way to Control the Matrix and You'll Get Anything You Want! (VIDEO)

Search URL Search Domain Scan URL

URL: https://db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net/?tid=BINRTL1
Title: SHOCKING! Scientist Reveals The Real Cause Of Weight Gain! See Video

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net/?tid=BINPTL
Title:

Search URL Search Domain Scan URL

URL: https://mitocopper.com/
Title: Patented Copper Supplement! You'll Never Believe What It Does Until You See the Blood Video!

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/
Title:

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/
Title:

Search URL Search Domain Scan URL

URL: https://225e505pjo7-s6cf1g5jdswy81.hop.clickbank.net/?tid=BINRTL2121220
Title: Discover How To Survive in North America in Case of an Emergency

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/
Title:

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=hAh75Sv%2BkqKxVhKlveCtfv0OUQtFAS2LwXqvFI0fsyUdIbsRDUa3vDOgQQdmBcx4Z8XjBiaoFIO9jvUuaqyXW%2FvVDPpwdTUWqrdgK0ZjxsCLP%2FcQQH%2Bw4d8IBQkf4HJ7GSGgJEiosO0HU9EyrKXj55GTGbjcI2LuhCMPi%2BfXhSuNshy0xu%2BH%2FL9y4WSNulwL9lCdpnorvxGcoPXgGlEWG%2FQxZ%2BNflRwBTnis8VVr%2BXV9Ajr67fsjDSkGigmMyOENFSrR72nsipVeIwFs9Ehg%2Ft7ubrhZ%2B4AhZxAGzX6AFNuh82WPfTzG0PP%2FL8oTbLYQ5Vjpn9s8GPtocsKuRG1kL7%2FxF8iQ74BGi0NIMDpG1UhRhTaLxF6JRuqLL6gj3vJamJhUaTfWpS4WEpCPFsnapdwm%2BfIMuHCS7Rt6xiCi9hG7MEHEAHuHUpS8zD7hZ6aczW7%2BEFPgBJgllv0CAJn5MWcaL5yP30AvkXzWkhUNOnfMk%2FUgY%2BWgPjc%2FvdzTzEFrRyZDanS4xYkLs0Is4liTxLrjXN3U20QYyaFcpPU07B1%2Bqm7yvAKVCS599Kxpjrwyf7wutAF1AW0wLSPZ7lf2eOnJeyJzsI3%2FP72mV5Jm1%2FzWNsm4fCYqoV799mvFxF8wMSz9QhK7%2BCdaicsKKnOvu%2BcAZtrR%2BI%2Fx%2FetAr0kCF8w7%2FXp4CwEYUTWBIs7JRf5YIncdrsayKGOzNo5cOO%2BC2ELL4sHmUQD3Bu6VB%2FdrdglKUsprOK42ooZ5YyDiAywVkC%2BIjLXMTnb514fpbCnrozX1zEO9H38ArRo3SqlUR7g1h5JXCkb8sQxa0LiqwxOOCKhIFevCl0AhvOWTE%2BVEsDS6faHR%2BZnt%2FvtMr7fd8I9kLDft55bFg5inD7fkQfOu0V3nA74zKxRjokkc4hy2QiiOP5upGJPFYgKLDClOkSgmVh9KXSgWKnWrFovU9pgD%2BeoudptztlrwKTsEnHwqew2pTgsqLe0izHVqXVFmok%2ByRf8EwciprfrBdbf%2FOaAAGOMK12V1xacEcVXUCO73kfDv0mQIcxTVZ5gHBAoeh86kAHas6PsyZFcj8McbYS2o%2F6Or3UT3aKf8%2F%2BwfKzddNIR0sEIQe67QAjXq8NKSSP%2BkxcZG3PeTxjV2AsebPv19bybc3CsXINoAvo3QEQaGKi17xJPp0A2BJE7BwsTBUl5CaDVee4d7XuKqhX8WzRCf%2FdJlKjq%2FT42obQk2Jup4Szoc%2FtqgN1JdwZxnLL0cYX8%3D&s2s=1
Title: Anyone with Ringing in the Ears Should Watch This (They Hide This from You)

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=JgoxLCBe11LEkF5RsPu3UMr0EcEg%2FfO5TIAqaB6oO0nwOfdlcd%2FnSYuj6tq9Win%2B3aTb5eYH%2F7HtZF5Dgc7zS0L3i40VTBbY%2FjK%2BfwehgpCi1ADWTTxIoYiK65oBSKZOdjKnUWWlbPtjYLdEWkXbytJimMeweB3tx0t%2BO7%2B6qFbHa8U4ht5b0tQhoWG8B4oU4CXiPx%2FywDdbYTXMP%2FV8QJYr7E3iZukjBtmJ%2Bo4pIaRCnB0X%2B2pN40cd1DCvXN48LL1WUZnikPqb3OmLjXTt8vdBHGAW%2FIrxCyMxAtdCksVJXmFPTKa85Uir1zo35bnZ5H5Bzg6ojgTmRmN1vpBfc0NZ2tb9GrCCNLYr1ZqSsiODtjma%2BL6E7OCds9Qk%2BirU3JVvOZWz850jvdZ8yDVYVgtrLwW4wnowc%2Baev0BgCxSCVqnQ%2BzISsZ8OXqBy0UZoQqxVRWZomqmeDxwWkUoluLUNii7MpBZ%2F35NMVaCsop19G9usH%2Fu%2Bbu2o0KXofBbGRrUQcsv47g9xukjBvv0hSXgzSb0PyCBEHExrblTa5pE%2FN7EvvIwFHk%2BDaF0XwbajvB9c6fjnsWkWYupINkuRAHLCyZ4VtaDYVNFg6vBG4HKr5efDWA0CZ1yRF5itNMI8yvAsc7byitxm6dJ8g13RCX4HJ%2F3mQX3W1CnDHGjdO5a05a2I0oBzNXV0bNeB7NTgT60xQwdPr%2Fnn9SHXf0e8XEbdm9D2SO%2B8IsImIgg42xcLECx%2BhYKvgQ8esCDlf7YEVLG0MecjGykt2F7%2BQFhIdb2sWNfzZ0qe2nKsfBJAoqaeigJHUeNr0u0y4mvhmeN6H5SrHEkoVVl094zukI472N4InpOZcwLdBLflFbtGXR4ONN0zrwDCB7Rde4HOwB8ZXJV0VQPje9%2BLw7a768bFaMDjt%2B6iVVuWFsZzlFxLSga0v6Nzs70exmpe%2BDY98pfWKFWlFhoT29FcVWYaxEPFEQj9FWoLy4maD3znThm7PfZ2EGYIamlNcslwoGwVgoFl%2FaP%2BFMz1o6Gwvkjs6yL%2Bju%2BJU%2BDFq%2F%2FPG4oZoon%2FxCtkaGDkajXFq%2FBsY35bm7yYsayQWxz43iLMTUP3xDpkD3lqor7gWtAKiTjgoTT%2FBJp79rUykVSN%2F38L8%2FlKqywwi78%2FV%2Fb3wgjsUB9%2FY4ORFw%3D%3D&s2s=1
Title: Md: Do This Immediately if You Have Diabetes (Watch)

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=QOBbw8mt3AkBwFyI9S8gJnXb155dzkGloKPmxJOOOuAH1RvFpVC6ctDIHHdbrUbh0z9C3TEkoS4ORmXWKhv7QP48c8zIV6JO5ie%2FwADYcckqDXXOiD1iZ1BDWMwIDIJFy0E57TW14X%2BmCJAVXdSN3kctnReTiM8PAHy%2FgevEHx%2FGyY2%2Bz3I%2BW9bRgkLyu%2B5JCJekJnRLBf2enuff8lVp9gsFFS1BItYzX%2FXWcUsa3H5ygC56lJGEFeZzrfbyNFjI0pZp0oHuwaCSnUXCGDWGiQ7ujb5r2hRygODcma0capPXcuVA90g3uhLD3QniD%2B2IQdwA16GqumTfv0BHaTs9gDYQLkPcWE6h5ua12tLDE%2F7sziYXxd4iYo%2BQHwXtMHE8VM5ZLqDGkWsYFMuXatSP0Oe764V6bmQgQrFopY13gsnOxVlCcMujjZxPYVhPsl28QWFAa6DrQVexCyen7jV2jh%2BLKQQ22UfA3tfXGMEFHthfGEQVgB7Z%2B8VyZ1uTBvXSwnjU0%2BqzEghHtSe2wfsiPIWeVuNTQyK4iL5n5Gt47zLPywiDSO2uqGN92PDXwBXW77uwMx4MGCWWGbrotGuZQMkaaQki2T%2Fe6Q49BkTNCNkOhugjTpd5v%2Fg5eNfksCmpMnzDqOjB22Z3lq5J%2FHRXyQlqY3OJFzOrY3UdQYjzJSHfQ%2BNsSh4cm72SwOBw4Hz%2BCk%2BP4WPfkgXaW2qSaoNQGAZbY3twX1VXeeSK2GAYRzvGdgRi1zYRxcXKIvEshKq5%2FVp8OVwOOy7l48BLQr15iJNGsDq1VtB7Dbwey%2BHM7CF5jVvC0x8Bsj%2FRnxJbCGejG6V0JSbEbHm%2B11vWz%2BajKcGbl0ekAHdrVuhDuTjoFD%2Ft%2B%2BkjKCFXLWNPGraRUYAKiGKU78kSeswGqvTQrWEb1MLipEFhf1%2FB8GZLZgxrd9YRKV7LnmN7cOVPA%2BnDTSUl39fq7xqTfybuANIPEOEWmZHY87AEfyVBotKyiIgbmWAFGSsi%2BgW2QincLyzYM6tup08COGCx4gv66qH1%2BITWklMVFzw0WAVg8%2F1kKO9dWSixVCb%2BvhUPrFL3Csl8%2Bp60UEk7XAoUAqVO3mpPXCdoJppeZiqbsXMUp4z1H2Xh0%2FhbY5tzhAyG3hI68n%2Bdy36z&s2s=1
Title: At 56, Laura Ingraham is Still Single and Now We Know Why

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/10-stunning-asian-actresses-no-man-can-resist/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/10-actors-that-started-their-careers-on-soaps/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/top-10-most-romantic-nations-in-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/10-plus-size-models-that-will-make-you-forget-about-your-girlfriend/

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Tiny Self Defense Tool Drops a 270 Thug In 2 Seconds Flat - Get Yours While Supplies Last

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: The Secret To Manifesting Anything You Desire In Life

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/hnex-hydronano-extracellular-water/
Title: HNEX HydroNano EXtracellular Water - Anti-Viral, Anti-Pathogen, Anti-Bacterial - Light Years Beyond Colloidal Silver

Search URL Search Domain Scan URL

URL: https://3b7d7s3fml0cpg51en5xn5u-xz.hop.clickbank.net/?tid=BINRTL1121320
Title: US Nuclear Target Map. Do You Live in The Danger Zone?

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=kt%2FEzCUCFQUrcmDSHbOvTSY3L9Jr33saRjIrCQR%2FE0gwXH0cIDIQoIPoT%2FqcXG9VnpXrL2eW7Y5eS2edhw87wmzPefxcyJ1ayvn80pC8DSknUSJzt5ivQbb0p7ulasLV1YOzp0c5JanGX%2FsA8m7QUnkvheRoBICdE6SmuvvDF1ZWgb6b0uvm4VZS%2FYweu0uLHhGmHdNLw4WHoPZRM%2BZLsOY%2FsViT7khw2SVk7i5xNfKhg9mKFZ%2FZRLSgX5KQwv4IKvCiVszgAix%2BXMQYHGkqtRBn5P9ijQ6%2FwpvbJfISxCt%2BP8DuQkH3Kkt6vRFlIq%2Ff5%2Bk6Klr%2BFCALBs5NKrFDSotxxStg%2BjbG14NMmUQm0sl05v3wmgU%2BOryFqbipe9djE30eln4fWXLVynViYv4B5QXxtMGKBh7Y36OyfYkwmTfQ36AkL98Wb1trUzHqQ4ISg7lYWkW27c8Xav8IKWl%2BuTbqchfkRSJxzuQV%2Bg9o9hsLylsiNKh4IdQy2F3dn1iFCtlYtpgOT%2BZx8M6vrLKwcB%2FQcVL3vWHW6PP0TslNx%2FyiYsAxtYR3DU7i38EeqiDS8lkK2ZUUOYTsPL97UMiOFw73%2BmywSJAqAKJtLOjiyxSZ7fVtIe1odf7Eq49tzfVUkTRvP8Uw9qPm6YxY6ojxyiKy%2BOy2LK6DGXqzb0dItW%2FISoKTK7lkYAmLcEox1op8Ekbk9D%2FuFeLzZ2zCJwfPAVobcAgtl%2BV2Ly0pRp8lPQfZSFKxqvPbJ2kgm21vNp6iGbUPDiQNs7xzfrvwoOuuq5rAwpqqMRbz0kJpTXtrT2EkbmTqa90oHVsN2cimNA5%2BB0dE8SykD5TtclZuaBGJugVMYd5qbVGYWt2V%2B0YX61B34WysQP8qly5b38C5DUahMD75jBgAA0Wquy3hjWrM72waOqVJt9DcW4wxXBOWPZYN6XUHeAcWwPT%2FDMGsL944cFSs9USlmIdqwsri2HLuCsD1DHtBtIFavSujQSQ4rgXJ9W92UrU0lUzAfJuEwCm1i6qJQ0YI6oq%2BduYEnAtfaI2SXiiHVoS0zERhXqLsJQE4unHu88f1%2F8ynt8K%2B55hVNHd5PK2wj3%2BefJU%2B9tobOSVv2CO8CCVzbUSec77thUV97KAzP1TBY4ZfX%2FXV3i8bEQirNzBbjEL8I1TdGs4ZS%2B%2Ff8m2xp%2FuyzMPIMj4yyyKsUPhl1GDanFtWTiCyCj1NUSopP%2BWgmG8U9025QaY9aG0Cd%2FAJRIJXHBkIMaRsJWHMRBOJ%2BuaTIGyGL6bqSCmfIdn85HS5JT%2B2WIFgg09a2DNcvuoy6D%2FGDjqx3b3eVeA6p5k3qIhOGC2aoCBaLTu203OGIJWW2wt8ks2LHWKx8%2BWUxXsIO9JIs356RVyoVLEwhLOmcMhx500pWpjNeGHi&s2s=1
Title: Fighting Diabetes? This Discovery Leaves Doctors Speechless! Blood Sugar Blaster

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=RXa1X6m%2BjoHbmoR9Tk%2Fzy%2FjuonBajn%2FgNi4J3sSYAC%2Fls2UYVJRpt3RbuqzZpah3tF95nxBYE4B1vIP%2FlN5TIMLaRXa2XPPIUGlzB7HhAQ6QLUd5wDZfg8YDISFXAUC32r3cthlwKgw35IQK0Fuco2yYtueUxyM%2Fz3pML9A95ACvSeHK2nlmvFH%2FIvF7y4K10pSA9YbVuWv6tdD3psfBra9g%2FJecisil4JWZUkNLGO%2FSy2Xeb%2BoQgNSyopnRF0JW2tgOlob95VGP81KrUCg3IIyhJ3lMBGn7HJRnSjyWVcPU%2FQSnt0MTIrG%2BiC0%2FD0wAalTujgipBUzhukr4ZhL9vkxfIHdD37Fd9ldAkK2ZOkggrXXIOCRmt5k8Of9wIDGWhUhYMpIg5tMPf%2FALq%2BS2Mfjzt5gzJiAReuuf2kKRyUOPV1zBqQAh%2Fg9LFayl4o7ERlzggO%2BCwMxpFuViwBOapI%2FaHbrFUYzCIxKmZrFCbZrezKYeE2EW4zLxfJ8O1iGkUYWAPW7I%2FIFBFY77IMciLrfFXVKx4WAmuj3IlCQvDAcckp5unY2Af3ETE%2BrR%2Fzn1ew7NEBjpe9s1TusL3LUVb4xJqmeLyIL7fZgZxvKP8MMMisHarikOv08iWNcwMVZ86TNFHBAqD%2BDDnMzKfbTvaSI5ZfbfMBuzEuc0j8Zu4hfElLwoj362oBoMehItJX2x8ZazzXWie%2FLd2xJoy4FBc5dZl%2BtRnmd3K2QqrPpYlWokTGt6AwdCkzlG5gI4F0ZXZo2oMYaVezU%2BjzTdwDkQyBQke5aRxmwoBoKHsMh94a7yusnN%2F0n%2FWn3tqD2I7PfXlt0pwCEPWors2fQ93fGwgVU210R9axHI5pMd45xu3UFbVTKYjCkMQkkghYotAPIjgU3DZVSYuXd4jnKz7DioAeb3ks6xiAR2bWC6DKwy2HG2acHkt8LtOY1QZX0tkgfm9KjZ06lNbxAivMOMdEb3i3Qh42kiCDBe2BbLvYH%2BgK7GhAeAG8jS64r2fxLbgzY1BN4WgxtJFMFC5iWj9mhZFupCGZI6J1dICauJwGYw88HhshO7FNes%2B1fgXW8Xa3msTwEO7gSOgDZLJORjDtkimYBqnCy3QiPSQXWirAljNdPPgwS9fNXS%2Fd9DY2JNEIXPs2GD5IFToZ8ARQKwObguM5AcaQrnrqRgDf5ODLWcoCGBxkNcb8y9%2FS0m46ANZIziNukSROoNyAQAruMrD9etZZQTE8QEPQwxtAlzVRhfmk3GIp3XMC%2BkbmJMC8uxxy7Ex%2FBXJnRH1ow0CiQi%2BuquLTx943jim71c5aaH4ZWI8qgDrwUX0pnIW3M3fu4%2BmLkVZA5peEQBaUH2ZzQ0%2FuSYwZIh%2F2s%2FZuH5BZCkTvUBk2FQUomdjS1m0IHHOdYIbdNL&s2s=1
Title: A Brave Photographer Smuggled These 20 Photos out of North Korea Newscityhub

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=CRCGwLBSF4QuKTFVs0Jdyvindv3Eaf%2FU3yxGlsxmS1d6cR6irr6KHAPsOkLnRYU3etZaG7jplpSx9pdiKt50Beyr%2B4vr2Bg8Fdv5SIagLarTdWdagxiH7hY2ox95S0kyN3tkMRT52z6Ulwh7zqL8gBt6tzFgfDJiZfz3G2kT08%2BoHzMRfEWUrYrNgvChYSTglsIZdONzHpM0WcexHcWY94o5gHHsQe9s1vOS2vog2PGhe1T0NGxsnZ%2B6PfLAjVN%2BdWeAiMEIIxueCxUPOZDIlt11dBOF62Py7OFrDcFDNHPk%2B3bMi5WCGamfzlJTaOQw9ESPWp%2FLT7dimB5wpdzfhUdW7rULOcn%2BTOZoPiP1FRIiBYQ%2BNS6LppJIe6rriV2cX2QWdeA8VWTCXQ1VcwE5kVlV8gLI5LXHjQgqktA9jcIkA%2FPNBazXaWVNUI5Rr1vKR%2BxOUr%2B1NexLUl17m2ZS9UjXUNieUy5tcpd736T%2BNUXvjSGIJDLBtFmAhqeE8bOImBfjP1VUU0YoyVRMzRdifUBFt2zTYZDXuB4exGbCGFsXhSGCtKnbZYsI9uGhNy%2BO9R6%2FXUCAQMLdOcckyHhzlNIIRqHXnDzFwKvJPoQVMDR387gSEFfBEOB1efdRWC8%2FnTHMl6zZZJL5yyTCSRuGOGMb8PaNZPdEAFQiiqkzDar0GmnPk4Y%2F4cx0pznt4YloHau%2FKKGnO9g%2FcysWktY5o%2BqM3K3qecRkUSpfQEe3Ha4saMBvcPR%2Bwe%2FGm14pHzTDfI22PtBQxFwGZ%2BooJavIDWuHwo5tyXdhCfBBXiVxz9QGBSZMSgQ54ZvOLpz6lVfklDW9rxXgGyRT3sYW%2BxgNegO89XtyuviibO0VwQNdNx864x6UAWs6WaVYlETzwbB5%2BAIp09by4Bee9OkV08VCQQvK638YLK3r%2BB0T63f6lg5qt56b%2BCKHti98qhPYqyfrQHxxzjhw5nc%2BQyk3mjoZ6N11raOILHJXkVoeRlmSFPLhf4vqUXrawO4SibaPr3EpOKqHFwH6UYj8TTBXEnbY6jgBMaLX0WLON52E4p1PGJEkqp8L%2B7BytJCSemqDMFDmhQ6yPsk2jfHkqt6qcDstlWTmrzLXL64DYzRJ%2Ff%2BNoFPGOlGzKXVtigOwYY94g1kGNHd4fMR0KwpGpyVCmgNd6QuySSLYuMijwIXIG8j5sYJdafnJiUEr8mt8BTB%2FNCStZq3Pq%2FHM8gYRXeOB%2BFot22BCh1peepL7tjMjMvyKadFV425EQV%2FaRWLqWAx0V1UyRoIa7n%2FezmhC1wRxYQULqVo5UD4DDxHzggrgm4CGwteu53XV2CwLD3Z6MytJUzuu1UjznSI5og9ecBnQhargfQ%3D%3D&s2s=1
Title: At 56, Laura Ingraham is Still Single and Now We Know Why popcornews

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=A%2Fq5iwsCE%2F22GPiw3BbIt%2FijJ9hEY8NheKRuk6HsGkFVpcrYGngE6NaxdmniW%2BpgEgWXZDLmZa0cCqgUYUchSrGoBb0BOuyWf0xMrSFgzf6GDjDVgR%2BKSnIQk3%2FoIPygkdnwTDKZen8UqOy53xPV7HJH9WSYOQGOP2BzBSlIbIXfD9YauAdsVfX5%2B0Yb9x%2Ba%2B604uW8mr8BxR6JS4B6O6wSAS9M%2BI48i36v3%2FE3mwH0viKP3Aw9NZS83om%2B6bT3yVjsx4N%2BxZYQi1OzGoEhS51jv6xaFN04RGuZstpJOwW05XXw7Q2tURpNi5hX05qrTwbH3YarfLl6LRUXEbSSa9TXptlBiRvEH%2Bx0tL2EVVod12yi4X3V2fmMMLYdbfvXNmnXMeW%2B1h60252zbdH%2Fu0rY0lnLCE5bxgRicI5adeV%2Fqw5JEcEDJOCgfB2PUZkVvIZfbhvtSKeMZvkoA8yREIragdsJOvfX3xhGaoOLSIIrAarrkQ5OL838D8kPX36nwXDuUcSqBE65yWkly%2FLdTDY%2Bb7DgAhYc9QteMxa3B0dZVs5YSlSWnTxBrTtnZ5xjMM3sPSKwqRFKkI4hiZl%2Fjxb04chvZ%2FsVYHFQZxwegt5kocAEbbK9S0%2FyeOfDLERbqAy2E%2BVL2KfPEVkCo9gLBdTfHze7d6Mpuck3eHMCEDl8BBPzItqdD9wq1QulO33LQyxpMoJw8NZSu0%2FJ6M7nwEZQsuPhe1P%2BHbA7x5KF3i7TXQ7WfC6oWWc2cq71gtug8rp8cRRFztid1yZ8o7nwAQq2p7wQUZHTAfHy58cFdY7CuI5sVX%2BiB4Mz33zuePzRbfa7qrtJwShO0utOurDs9e6YDOnoR8DdPxjXGgFqGet4Jjb%2Fm8RJGa6VgW%2FHVFtnQGZL2CK%2FSkWPaKYpto%2F3ncV58DQotyDn8bMu%2BMm%2Fjy0qFmGmrpSYxOYyHPlzvAraIS0oTIcgijTj1dG7IkOHOuvruI9v7LTf717vEQ24v%2FlHpX%2B7gji6%2B5Q1OXC2PlLumfHtuYRIKSZ9Cd0zACVBcpTlfaNAyoWLPt112AjzISFULxM94mVmzwA1fpYGzOIYFq%2F%2BrWEqggzn2qU1ZWrRAmqanQEFGbUr6GtB3%2F8vaLO8sER4B%2FI%2FCdfmhUMamhvDJXEjv7bbn%2BGK4DFTAw7jJMq4blfcCM5YGyhlZZ9TLfVGFdDnDyM54Tsu%2FjxkoyNlRwzXJXmRYfifAdwwe%2F4GsxIp8Qn14U9KrgCutQ6UInquAmbwYJiM7lZV8G%2BlZ6MbrgN%2Bp%2B2b2%2BJknXWxxTPObXpjaF0f0%2Fe%2FbzdWaz3dNmMNaDT5ZaX3%2Bw9Te1GDE2Tm6rbwdb%2FPO6dLoLrOI7C%2BK9QOuxdrKhdvWQB1%2Fyeb%2FufU%3D&s2s=1
Title: 12x More Efficient Than Solar Panels? Prepper's Invention Takes Country by Storm The Daily Survivor

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/8-facts-about-sasha-obama-that-were-kind-enough-to-share-with-you/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2JrdEZPdjA5ZGhj&muidn=kbktFOv09dhc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2JrdEZPdjA5ZGhj&muidn=kbktFOv09dhc&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=kbktFOv09dhc&google_ula={guid},5&google_gid=CAESENBIqfESI-CyAjdQJZAAjyE&google_cver=1

Request Chain 125

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=R1e34WdPwk0rNf2RXiwI&pi=mgid&tc=1

Request Chain 126

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=e31SSwxW4XX.AikABlF2gczIKg&expires=30&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6&gdpr=&gdpr_consent=&us_privacy=

Request Chain 127

https://x.bidswitch.net/sync?dsp_id=303&user_id=kbktFOv09dhc HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kbktFOv09dhc HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6

Request Chain 129

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=f4d65c47-c738-4e1a-955a-38ca3da5b4ac&ttl=1611087450

Request Chain 152

http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg HTTP 307
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg

Request Chain 153

http://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg HTTP 307
https://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg

Request Chain 158

http://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg HTTP 307
https://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg

Request Chain 159

http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg HTTP 307
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg

Request Chain 162

http://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg HTTP 307
https://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg

Request Chain 169

http://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg HTTP 307
https://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg

Request Chain 171

http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg HTTP 307
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg

183 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

119 KB
24 KB

660ms
645ms

Document
text/html

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

217e9091d2fdc535b6bd04ca61b1758b51088f194076f39c6693d4b3aa37dd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db60e75ff07b459ba5b86a1b7394a85471608495448; expires=Tue, 19-Jan-21 20:17:28 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s2; path=/
cf-ray: 604c0c066de02b71-FRA
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 072365d80100002b7109b9e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sun, 20 Dec 2020 20:17:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 20 Dec 2020 21:17:28 GMT
Location: https://beforeitsnews.com/
cf-request-id: 072365d7dc0000d6b54f23a000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 604c0c062a53d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 48ms
46ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 3867133
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AB18BC6BF0FB0D2C
x-amz-id-2: o33nsy79jaxjzlm6YbiGwCyHVKEwARoHWK/ibbFB8jKIM8eMUjnL/zr8m1IG+i0Brjh+NHXUp7g=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"165501590067c5189e81c831f77f81ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tjjN.jFT95DY_pkhk6.cTP9tpZK602Ny
cf-request-id: 072365da9000002b716b09b000000001
cf-ray: 604c0c0a89ce2b71-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
713 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79ea20c2453d614642047c888d9a9abe70f74839a3ab9f6f3450441f0d6d9042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Dec 2020 20:17:28 GMT
server: ESF
date: Sun, 20 Dec 2020 20:17:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Dec 2020 20:17:28 GMT

GET
H2 200 global-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/ 15 KB
3 KB 33ms
32ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb3c8e6d8177ed58739c0338a0de6acb391d0f0a857f0a351a99482061137455

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 355289
cf-polished: origSize=15622
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365da8f00002b711b17d000000001
last-modified: Sun, 15 Nov 2020 17:34:05 GMT
server: cloudflare
etag: W/"5fb1668d-3d06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c0a79c52b71-FRA
expires: Wed, 23 Dec 2020 17:35:59 GMT

GET
H2 200 fancybox-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 35ms
34ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20201116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 323874
cf-polished: origSize=8029
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365da8f00002b713501f000000001
last-modified: Sun, 15 Nov 2020 17:34:05 GMT
server: cloudflare
etag: W/"5fb1668d-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c0a79c82b71-FRA
expires: Thu, 24 Dec 2020 02:19:34 GMT

GET
H2 200 home-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/ 28 KB
6 KB 39ms
38ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20201116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca6c4dae8dc680a4595921bae7b66ab8bede58bee181a639464d14d1e780ddf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 355286
cf-polished: origSize=28775
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365da9000002b71602e3000000001
last-modified: Sun, 15 Nov 2020 17:34:05 GMT
server: cloudflare
etag: W/"5fb1668d-7067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c0a79ca2b71-FRA
expires: Wed, 23 Dec 2020 17:36:02 GMT

GET
H2 200 responsive-bin-rev-20201116.css
beforeitsnews.com/static/css-v3/ 20 KB
3 KB 37ms
36ms Stylesheet
text/css 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20201116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ab8d3ab886ebd79b8127eb85c077b40f7c5e92fb28da6526aa421188910c793

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 322973
cf-polished: origSize=20164
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365da9000002b7106172000000001
last-modified: Sun, 15 Nov 2020 17:34:05 GMT
server: cloudflare
etag: W/"5fb1668d-4ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c0a79cb2b71-FRA
expires: Thu, 24 Dec 2020 02:34:35 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 39ms
38ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1346052
cf-polished: origSize=149701
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365da9000002b712397b000000001
last-modified: Tue, 13 Aug 2019 07:42:38 GMT
server: cloudflare
etag: W/"5d5269ee-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c0a89d32b71-FRA
expires: Sat, 12 Dec 2020 06:23:16 GMT

GET
H2 200 global-bin-rev-20201116.js Show response
beforeitsnews.com/static/js-v3/ 19 KB
5 KB 43ms
42ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff943bf582a2b6018789b174549a271cec3f8e9eca1a0375452bc9f32d38e140

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 355289
cf-polished: origSize=19654
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365da9300002b714024c000000001
last-modified: Sun, 15 Nov 2020 17:33:23 GMT
server: cloudflare
etag: W/"5fb16663-4cc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c0a89d42b71-FRA
expires: Wed, 23 Dec 2020 17:35:59 GMT

GET
H2 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 42ms
29ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 235327
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
cf-request-id: 072365dae100002b715821e000000001
last-modified: Mon, 18 Jun 2018 21:28:42 GMT
server: cloudflare
etag: "5b28240a-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b642b71-FRA
expires: Sat, 18 Dec 2021 02:55:21 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/hdSplGl0fj4/ 20 KB
21 KB 38ms
6ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/hdSplGl0fj4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb60bec727121d5594d984f8313dc70aac2ba35e977d9db9030e2402c3515a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:14:11 GMT
x-content-type-options: nosniff
server: sffe
age: 197
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20966
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:19:11 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/YHaSsqT6kf0/ 24 KB
24 KB 45ms
14ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/YHaSsqT6kf0/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8286ea3b6cc5ae49e5a9f5c3f76cdcfb6433e338f85a03cfd9a0bbbd914a82f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:14:11 GMT
x-content-type-options: nosniff
server: sffe
age: 197
etag: "1608390667"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24311
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:19:11 GMT

GET
H/1.1 200
OK 1684f51f-5c1e-4e72-8a78-d276b8d4d1ed
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/ 23 KB
23 KB 535ms
139ms Image
image/jpeg 52.216.16.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/1684f51f-5c1e-4e72-8a78-d276b8d4d1ed
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.16.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6a913174f23ae7ddee498f45566d9ebb0544343afe5d486bb3f7f6ce6eaa6d49

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:30 GMT
Last-Modified: Sun, 20 Dec 2020 12:35:44 GMT
Server: AmazonS3
x-amz-request-id: AP1WCS2PCRAMEN4P
ETag: "a86758da120cde5096ed00fbf07876c7"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 23336
x-amz-id-2: Iqu1B/inAsPHBkuau/gCqcWuqx5+ghGKHsBseIDHQ2rtTxLormmD3TI7EG//ae75f2fjop0IRO0=

GET
H2 200 JFK-911.gif
jamesredpillsamerica.com/images/ 34 MB
34 MB 60ms
21ms Image
image/gif 2606:4700:3034::681c:1cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/JFK-911.gif
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1cf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1c5ca09f2fe63aa454e4f33337f32024dd0191adfe2316321aca763d9b12267

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 104280
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 35171027
cf-request-id: 072365dafb00002b225aa48000000001
last-modified: Sat, 19 Dec 2020 15:12:57 GMT
server: cloudflare
etag: "5fde1879-218aad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pUGA2myjKgSZE7xgDPtAv13HEbL9gaS3BUvUnclZtArLBSpGlm0dyekrPYqfN%2BWZcv%2FIlEkxPikaYq%2FvLMjsCgGnYVg7XilHEFnu6DC7dvYUyu1fQPstim4hDQUuNrDq7uUHbLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c0b28892b22-FRA
expires: Sun, 19 Dec 2021 15:19:32 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/xINeL_wF7Qk/ 14 KB
14 KB 39ms
7ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/xINeL_wF7Qk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18f19bd3e00fe8248d8c715e257c2ceab27f19092344b6a16d6f0636cad76131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:13:37 GMT
x-content-type-options: nosniff
server: sffe
age: 231
etag: "1608335358"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13852
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:18:37 GMT

GET
H2 200 220px-President_Donald_Trump_and_Lin_Wood.jpg
upload.wikimedia.org/wikipedia/commons/thumb/6/6f/President_Donald_Trump_and_Lin_Wood.jpg/ 14 KB
14 KB 53ms
14ms Image
image/webp 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/6/6f/President_Donald_Trump_and_Lin_Wood.jpg/220px-President_Donald_Trump_and_Lin_Wood.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

c7713f7108560b28c40f0e7fcd50f5ce1ffe3db8ab45724c79efa0c56c03ce07

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 15:52:59 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 15870
x-cache-status: hit-front
x-cache: cp3065 hit, cp3063 hit/306
server-timing: cache;desc="hit-front"
content-length: 14178
x-client-ip: 2a01:4f8:192:5414::2
last-modified: Thu, 01 Oct 2020 02:12:14 GMT
server: ATS/8.0.8
etag: e31562119bf2a2c22a7a595edfe011dd
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1601518333.46914
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 OIP%20(9)(1).jpg
beforeitsnews.com/contributor/upload/106013/images/ 25 KB
26 KB 45ms
32ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/OIP%20(9)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9efff5970b479d5a02f300e10b15f5529c38c10a19906a1ac900484581f30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 80709
cf-polished: origSize=27585, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25993
cf-request-id: 072365dae200002b713cb8b000000001
last-modified: Sat, 19 Dec 2020 21:48:38 GMT
server: cloudflare
etag: "5fde7536-6bc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b6a2b71-FRA
expires: Sun, 19 Dec 2021 21:52:18 GMT

GET
H2 200 EVIL.jpg
jamesredpillsamerica.com/images/ 538 KB
540 KB 52ms
14ms Image
image/jpeg 2606:4700:3034::681c:1cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/EVIL.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1cf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f0e80aa16c0703f0454dbf4b88664fd7fac80466a92f455559c77b57f80f4c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5950
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 551262
cf-request-id: 072365dafc00002b2246890000000001
last-modified: Sun, 20 Dec 2020 18:34:28 GMT
server: cloudflare
etag: "5fdf9934-8695e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5VhqZ0cMPbyJ6NzINSieRqY1shGNN7hWlY7UVGpc5y7qysEnO7DrFKv9TzpYpifBjAX6Mps1r90VLJgzEvhnuZX7dHffBv29we8moO1RNB3NwuUm3slKajnQKeX3qaLymo3Iheo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c0b288b2b22-FRA
expires: Mon, 20 Dec 2021 18:38:21 GMT

GET
H/1.1 200
OK 800a1d99-a10a-46fa-9810-496777c27952
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/ 23 KB
23 KB 530ms
132ms Image
image/jpeg 52.216.16.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/800a1d99-a10a-46fa-9810-496777c27952
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.16.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c45b1eec80e5b5d7f5db645c857a91d38160f5985214f5c0f0662236c4e5a513

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:30 GMT
Last-Modified: Sat, 19 Dec 2020 15:40:52 GMT
Server: AmazonS3
x-amz-request-id: BW3Z6R9KAK9YDQ3T
ETag: "998a713655eb77dd96bc6f922f28a39c"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 23294
x-amz-id-2: MkEFGhaColgqk4ozQYEzHs7nzL+/A1V4hyF/HFIIP8527ukvExUqjOcHA87Czp3Xpt1EdrTwU10=

GET
H2 200 Gates_Fauci_NWO_Virus.png
beforeitsnews.com/contributor/upload/713008/images/ 59 KB
59 KB 57ms
45ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/713008/images/Gates_Fauci_NWO_Virus.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ffb67ad8dc98a3891ae39f32c274b98e9b9ce7e96c1cb99468c16119b82d02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 140844
cf-polished: origFmt=png, origSize=69729
content-disposition: inline; filename="Gates_Fauci_NWO_Virus.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60352
cf-request-id: 072365dae300002b7102232000000001
last-modified: Sat, 19 Dec 2020 05:02:58 GMT
server: cloudflare
etag: "5fdd8982-11061"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b6c2b71-FRA
expires: Sun, 19 Dec 2021 05:10:04 GMT

GET
H2 200 Simon_Park%20.png
beforeitsnews.com/contributor/upload/713008/images/ 72 KB
73 KB 70ms
58ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/713008/images/Simon_Park%20.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3fded1f2cf2fb3e7347408392b688efc920047702435afc9d17244e802496f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 96210
cf-polished: origFmt=png, origSize=89541
content-disposition: inline; filename="Simon_Park%20.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74138
cf-request-id: 072365dae200002b7143b77000000001
last-modified: Sat, 19 Dec 2020 17:28:55 GMT
server: cloudflare
etag: "5fde3857-15dc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b702b71-FRA
expires: Sun, 19 Dec 2021 17:33:58 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/khpT_TVbmyc/ 35 KB
35 KB 39ms
10ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/khpT_TVbmyc/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fad8c9f03c024d5b95c3503270dad839a5b3805c8f6cc32e013feb29890e31e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:14:11 GMT
x-content-type-options: nosniff
server: sffe
age: 197
etag: "1608477120"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36065
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:19:11 GMT

GET
H2 200 4r34ss.jpg
i.imgflip.com/ 142 KB
142 KB 88ms
42ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4r34ss.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7965c26cebd0d53bf6221be5b8ac482fc7cf532c099fee646afa5b6afc07ce51

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
cf-cache-status: HIT
age: 13144
cf-polished: origSize=145988
cf-ray: 604c0c0b7ed81d0e-CPH
content-length: 145030
x-amz-id-2: yK89yLNUue1KYOrxuRgKo0hlPxtvAJa8ypWds6tVnKpetpzVLJYmEDh6XTXY8Zd8oY3OAUOE5Xw=
last-modified: Sun, 20 Dec 2020 16:28:10 GMT
server: cloudflare
etag: "ce2e937b1464e69fb3c0cffd09687640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 02C7F107D290F51B
access-control-allow-origin: *
expires: Wed, 18 Dec 2030 20:17:28 GMT
cache-control: public, max-age=315360000
cf-request-id: 072365db2a00001d0e37aad000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 maxresdefault.jpg
i.ytimg.com/vi/HXyIehh2oI8/ 170 KB
170 KB 46ms
25ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/HXyIehh2oI8/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4c604a41fcbff202d58a5849f90896ce094a515b46afd1133442ad96dd7f2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:13:37 GMT
x-content-type-options: nosniff
server: sffe
age: 231
etag: "1608228753"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 173891
x-xss-protection: 0
expires: Sun, 20 Dec 2020 22:13:37 GMT

GET
H/1.1 200
OK ed6e6b96-d520-40ec-b3ef-f48526dcb963
s3.amazonaws.com/webseed-realvideo-thumbnail/poster/ 117 KB
118 KB 498ms
139ms Image
image/jpeg 52.216.16.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/poster/ed6e6b96-d520-40ec-b3ef-f48526dcb963
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.16.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 42ad5e7034d51439f53541b9f772f5e4ef07b085f1e5cdc381b01872a02d131f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:30 GMT
Last-Modified: Thu, 17 Dec 2020 19:24:46 GMT
Server: AmazonS3
x-amz-request-id: 78E610F812B06460
ETag: "3224059a7e73923be36032e3f47e109e"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 120113
x-amz-id-2: dFw3gf1mS8PRyP2sieZnF3XGuH83LGh+3royRYc+a4Ado1lx1XF05P9Se6LrhntyrrIqdghpwLs=

GET
H2 200 S44dJjxDTuNZ_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 35 KB
35 KB 152ms
57ms Image
image/jpeg 185.59.220.193
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/S44dJjxDTuNZ_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-185-59-220-193.datapacket.com

Software

BunnyCDN-DE1-601 /

Resource Hash

076a94b81494d3391aef8d653126cf909d60999aec689ee2a1b4c048d042948a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000006aa0217-005fde8094-43b55da-nyc3a
cdn-cachedat: 2020-12-19 23:37:08
cdn-pullzone: 89010
content-length: 35520
last-modified: Sat, 19 Dec 2020 22:30:53 GMT
server: BunnyCDN-DE1-601
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: b6f2abc047d7d31cf58fef46798bbf35
accept-ranges: bytes
cdn-requestcountrycode: DK

GET
H2 200 WARRIORS.jpg
jamesredpillsamerica.com/images/ 773 KB
774 KB 27ms
16ms Image
image/jpeg 2606:4700:3034::681c:1cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/WARRIORS.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1cf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd7dc2b9d1e9e9562ceb6ff721a7ff6a07fe97816074bc58ce14ce16a61aaf07

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 345724
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 791316
cf-request-id: 072365db0a00002b222c0c7000000001
last-modified: Wed, 16 Dec 2020 19:58:28 GMT
server: cloudflare
etag: "5fda66e4-c1314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P5OEHw65Lh8CAmRpvOERPyGw9iW0TvS00RxSzH84FPsWYGxIvkoRD5YnPIvAlafKCcZn55Q8urh3xOKvNsQEJxvVyvpvfUqy93qQEnK8R7IKH4n%2FXeAxk6Og6peqPzoBY3M%2FGm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c0b48bf2b22-FRA
expires: Thu, 16 Dec 2021 20:15:28 GMT

GET
H2 200 HcvLo7oPXw0f_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 31 KB
31 KB 170ms
77ms Image
image/jpeg 185.59.220.193
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/HcvLo7oPXw0f_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-185-59-220-193.datapacket.com

Software

BunnyCDN-DE1-601 /

Resource Hash

af030f5110b979cdb6088e157af646ed84fb48843cdf9003b5cbd652fca89f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2020-12-18 23:46:37
cdn-pullzone: 89010
content-length: 31538
x-amz-request-id: tx00000000000000617c899-005fdd314d-43b55da-nyc3a
last-modified: Fri, 18 Dec 2020 22:42:20 GMT
server: BunnyCDN-DE1-601
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 2084d6e432aace5d7635498572cc8cf2
accept-ranges: bytes
cdn-requestcountrycode: DK

GET
H2 200 OIP%20(4)(5).jpg
beforeitsnews.com/contributor/upload/106013/images/ 12 KB
12 KB 40ms
29ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/OIP%20(4)(5).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abe20d0d93c6b8e49e75dcc575d4e7acb994a7b382077ecfa5eb363002fe9fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 181211
cf-polished: origSize=13698, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12588
cf-request-id: 072365dae200002b711d394000000001
last-modified: Fri, 18 Dec 2020 17:53:13 GMT
server: cloudflare
etag: "5fdcec89-3582"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b722b71-FRA
expires: Sat, 18 Dec 2021 17:57:17 GMT

GET
H2 200 201208_DrElkeFdeKlerk_onCovidVaccine.jpg
beforeitsnews.com/contributor/upload/418130/images/ 49 KB
49 KB 46ms
35ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/418130/images/201208_DrElkeFdeKlerk_onCovidVaccine.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7076ae1f2fdb36099390661d9b82ff46cb3b4256bd3f31160f959f2e87e425b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 238195
cf-polished: origFmt=jpeg, origSize=175491
content-disposition: inline; filename="201208_DrElkeFdeKlerk_onCovidVaccine.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49942
cf-request-id: 072365dae300002b7107317000000001
last-modified: Wed, 16 Dec 2020 11:33:51 GMT
server: cloudflare
etag: "5fd9f09f-2ad83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b752b71-FRA
expires: Sat, 18 Dec 2021 02:07:33 GMT

GET
H2 200 primary-share.png
cf.girlsaskguys.com/q4257705/ 510 KB
511 KB 52ms
21ms Image
image/webp 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.girlsaskguys.com/q4257705/primary-share.png?69
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b6e3ebaf6239b54e5814a5f4d16adecd07cd73642d10f9f5cf7190ae9b9c3d2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 71167
cf-polished: origFmt=png, origSize=1971355
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: inline; filename="primary-share.webp"
content-length: 521788
cf-request-id: 072365db25000005f110358000000001
x-amz-meta-image-width: 1200
x-amz-meta-image-height: 630
last-modified: Tue, 11 Aug 2020 12:05:26 GMT
server: cloudflare
etag: "b6b379864fbbd817551c72809720e253"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FF0ec9dp%2BFeXM5Hp0eqgMzHzxzpbs0OmqdM47dR2iVTK0X6aC18z%2BEzBPbZkCw%2FC4IIXytrYG2WjXmTluXY3ohzF9LdSH0jO9LELLz8%2BQ%2Fv0zpr1nYeMGljTs7vrOzSI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 604c0c0b6d7105f1-FRA
x-amz-cf-id: 6a5dU22F9lp4XD6kOn3WznIzdo7DkynbUR2i2GAwExsOjY0umHKG5g==
cf-bgj: imgq:85,h2pri

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/_--2NFX6qbg/ 9 KB
9 KB 45ms
26ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/_--2NFX6qbg/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33848ec15971b15bb25dd1e42dd1abcfb0b521c8c1363e5ffd5da7804a38ccb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 19:28:32 GMT
x-content-type-options: nosniff
server: sffe
age: 2936
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9259
x-xss-protection: 0
expires: Sun, 20 Dec 2020 21:28:32 GMT

GET
H2 200 KYPUHF.png
iili.io/ 235 KB
235 KB 56ms
16ms Image
image/png 2606:4700:3036::681b:95d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/KYPUHF.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72c8257271d5ac677ab2c9ff8a29220a7128c639b73db95db9cf3ad03ef96f7c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
access-control-allow-methods: GET, OPTIONS
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7171
content-length: 240136
cf-request-id: 072365db35000063dd901cd000000001
last-modified: Sun, 20 Dec 2020 18:06:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ps9%2B2WRqSyVt49uiacnmYbB3vArFj%2B68GJ6m0Yuanb5%2FfNYZ5fZeTDKxB%2Bp4oolcLR9lV4R9Eu0nXuYZZYN0CmflHvERNs6YfNgP5FC2J3S4dY4%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 604c0c0b8f3863dd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK JESUS-IS-MISSING.jpg
www.morningstar.ng/wp-content/uploads/2016/11/ 8 KB
8 KB 303ms
245ms Image
image/jpeg 81.19.215.5
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.morningstar.ng/wp-content/uploads/2016/11/JESUS-IS-MISSING.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Server: 81.19.215.5 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS: delta.cloudns.io
Software: nginx /
Resource Hash: 5abd1fc8bb2f006078e2cd79cabd76eeb26b4c6c9335fa27ab6c9aaa223fb178

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:29 GMT
Last-Modified: Fri, 11 Nov 2016 15:19:17 GMT
Server: nginx
Accept-Ranges: bytes
Content-Type: image/jpeg
Cache-Control: public, max-age=604800, max-age=864000
X-Turbo-Charged-By: LiteSpeed
cluster-host: delta.cloudns.io
Content-Length: 8065
Expires: Sun, 27 Dec 2020 20:17:29 GMT

GET
H2 200 giphy.gif
media0.giphy.com/media/HcmgjlrPVKr6w/ 1 MB
1 MB 139ms
57ms Image
image/gif 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media0.giphy.com/media/HcmgjlrPVKr6w/giphy.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b1d10f374a222e7a7d724948597eac631b69416251cbad0396610788157a10b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 629326
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1278188
x-served-by: cache-bwi5126-BWI, cache-fra19182-FRA
last-modified: Fri, 23 Sep 2016 21:50:49 GMT
x-timer: S1608495449.023079,VS0,VE1
etag: "092cd842c5cc989adea79422cf894e4f"
strict-transport-security: max-age=86400
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK image.jpg
www.stripes.com/polopoly_fs/1.632291.1591206259!/image/image.jpg_gen/derivatives/landscape_900/ 132 KB
132 KB 738ms
242ms Image
image/jpeg 168.62.40.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/polopoly_fs/1.632291.1591206259!/image/image.jpg_gen/derivatives/landscape_900/image.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 168.62.40.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ARR/2.5, ASP.NET
Resource Hash: f58900c46838dd616dac2002cb511eac3c10753adc10a855073c883e0785f81c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:28 GMT
Cache-Control: max-age=1209600
Last-Modified: Wed, 03 Jun 2020 17:50:32 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ARR/2.5, ASP.NET
Content-Length: 135312
Content-Type: image/jpeg

GET
H2 200 captura1-1-687x366.png
m.thebl.com/wp-content/uploads/2020/12/ 294 KB
295 KB 54ms
21ms Image
image/png 2606:4700:3036::ac43:9f4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.thebl.com/wp-content/uploads/2020/12/captura1-1-687x366.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:9f4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c50101c34398597ac1ea3e5358ea9e1d801807b0317b4363252bd95193614ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 147285
strict-transport-security: max-age=63072000
content-length: 301012
cf-request-id: 072365db7a0000dfe7fd802000000001
last-modified: Tue, 01 Dec 2020 21:30:53 GMT
server: cloudflare
etag: "5fc6b60d-497d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gpART18%2F9wDLX%2BqDYZVeueoq9KeLPtTOl4eUxRl7axgdroZ25tON2KWxi9fPFNeQW7j%2BamC5Eee9tRBw0taTS1w0I9rknJEKMIiV13%2BwQLr%2F9olGdpwW%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 604c0c0bfe33dfe7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 R45f24f262ed5ae268c68f326a8855a7e.jpg
beforeitsnews.com/contributor/upload/106013/images/ 32 KB
32 KB 40ms
30ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/R45f24f262ed5ae268c68f326a8855a7e.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

202592cabd88a9b1b38ecae8c933a78f9f39355ffc9b2f24aadd13eda9518a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 5733
cf-polished: origFmt=jpeg, origSize=86762
content-disposition: inline; filename="R45f24f262ed5ae268c68f326a8855a7e.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32636
cf-request-id: 072365dae300002b712fbbc000000001
last-modified: Sun, 20 Dec 2020 18:39:19 GMT
server: cloudflare
etag: "5fdf9a57-152ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b762b71-FRA
expires: Mon, 20 Dec 2021 18:41:55 GMT

GET
H2 200 loading.gif
beforeitsnews.com/img/v3/ 14 KB
14 KB 60ms
50ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 236357
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
cf-request-id: 072365dae300002b7163ad9000000001
last-modified: Wed, 13 Jun 2018 18:37:21 GMT
server: cloudflare
etag: "5b216461-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b772b71-FRA
expires: Sat, 18 Dec 2021 02:38:11 GMT

GET
H2 200 David-Dees-artwork.png
tntrafficticket.us/wp-content/uploads/2017/05/ 1 MB
1 MB 528ms
185ms Image
image/png 35.226.130.62
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tntrafficticket.us/wp-content/uploads/2017/05/David-Dees-artwork.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.226.130.62 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.130.226.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: eff11b862f4349b2473385aa90d66e0ac6d3be33f4c288a42715e351a6d72186

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
last-modified: Sat, 08 Aug 2020 09:39:22 GMT
server: nginx
etag: "5f2e72ca-11473c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1132348

GET
H2 200 OIP%20(7)(1).jpg
beforeitsnews.com/contributor/upload/106013/images/ 12 KB
12 KB 56ms
46ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/OIP%20(7)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30bfc868243575bd7a29d4f8d36a453b5570f2e8792f1ba989fee23ee04ab890

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 101420
cf-polished: origSize=13246, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11988
cf-request-id: 072365dae400002b71f9985000000001
last-modified: Sat, 19 Dec 2020 16:05:37 GMT
server: cloudflare
etag: "5fde24d1-33be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b7a2b71-FRA
expires: Sun, 19 Dec 2021 16:07:08 GMT

GET
H/1.1 200
OK 9d63140d-19ed-4a45-a042-a2531d1d2383
s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/ 240 KB
240 KB 512ms
142ms Image
image/png 52.216.16.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/thumbnail/9d63140d-19ed-4a45-a042-a2531d1d2383
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.16.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2b7929406c9755bddeee14792c5bc628ed511e22c49aa54d43181307ca7bed67

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:30 GMT
Last-Modified: Sat, 19 Dec 2020 15:21:07 GMT
Server: AmazonS3
x-amz-request-id: 52FD2B4578E90BF3
ETag: "1a699d9e34654317cdf313f785b272b8"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 245537
x-amz-id-2: W0yvWhThJze+EHjGuhpBuMBrfD/DcGEVcFpRn9wohVV4ZKzD3qZ7usiTAWMJubipqLFHPzHTeVQ=

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/oqtNkhKGgmo/ 24 KB
25 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/oqtNkhKGgmo/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068cfc47e4df1a96edc34feae19e7038274de7b1cafc9f733d72627d22471822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:07 GMT
x-content-type-options: nosniff
server: sffe
age: 21
etag: "1608411756"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25080
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:22:07 GMT

GET
H2 200 Screenshot%202020-12-16%20235527.png
beforeitsnews.com/contributor/upload/713008/images/ 109 KB
110 KB 52ms
43ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/713008/images/Screenshot%202020-12-16%20235527.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a30390ed3206a8f05a65b99556f6f732dac17ee26ef5a774f6d10980bd25a985

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 303049
cf-polished: origFmt=png, origSize=199527
content-disposition: inline; filename="Screenshot%202020-12-16%20235527.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111840
cf-request-id: 072365dae600002b71f9986000000001
last-modified: Thu, 17 Dec 2020 07:56:02 GMT
server: cloudflare
etag: "5fdb0f12-30b67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b7c2b71-FRA
expires: Fri, 17 Dec 2021 08:06:39 GMT

GET
H2 200 hqdefault(287).jpg
beforeitsnews.com/contributor/upload/106013/images/ 14 KB
15 KB 65ms
57ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/hqdefault(287).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 711433
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14766
cf-request-id: 072365dae600002b7115b90000000001
last-modified: Fri, 14 Aug 2020 20:18:17 GMT
server: cloudflare
etag: "5f36f189-39ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b802b71-FRA
expires: Sun, 12 Dec 2021 14:40:15 GMT

GET
H2 200 heymyTMAqbNI_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ 47 KB
48 KB 89ms
85ms Image
image/jpeg 185.59.220.193
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/heymyTMAqbNI_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-185-59-220-193.datapacket.com

Software

BunnyCDN-DE1-601 /

Resource Hash

81ef4e25e521f81d0efd5d1dd5885a1e4e39b1b9974bdc3117d7a9dbc1133e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx0000000000000067c1f67-005fde1b74-43b205e-nyc3a
cdn-cachedat: 2020-12-19 16:25:41
cdn-pullzone: 89010
content-length: 48404
last-modified: Sat, 19 Dec 2020 15:23:51 GMT
server: BunnyCDN-DE1-601
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: ece76ae0461136ef155aa641f8d645d3
accept-ranges: bytes
cdn-requestcountrycode: DK

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/DkiQdcP3DOQ/ 38 KB
38 KB 15ms
12ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/DkiQdcP3DOQ/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ad2e69f7c7ccca553946ca3ce67e4249ad4315d7341136f1fdb6559d33e7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 19:31:48 GMT
x-content-type-options: nosniff
server: sffe
age: 2740
etag: "1607891060"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39214
x-xss-protection: 0
expires: Sun, 20 Dec 2020 21:31:48 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/QoBj-RGaZyE/ 24 KB
24 KB 15ms
12ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/QoBj-RGaZyE/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35a82ddaf03e843fc4768f9bce9fb256510d791d9dadac092442f284ffb8caf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 19:14:43 GMT
x-content-type-options: nosniff
server: sffe
age: 3765
etag: "1608168802"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24989
x-xss-protection: 0
expires: Sun, 20 Dec 2020 21:14:43 GMT

GET
H2 200 Screen%20Shot%202020-12-20%20at%202_39_35%20AM.jpg
beforeitsnews.com/contributor/upload/724569/images/ 30 KB
30 KB 58ms
50ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-12-20%20at%202_39_35%20AM.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a54585280d1028d7638386af088652705a69740d5a8f296eafc7f98ba8554c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 68676
cf-polished: origSize=36025, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30579
cf-request-id: 072365dae500002b713a203000000001
last-modified: Sun, 20 Dec 2020 00:43:57 GMT
server: cloudflare
etag: "5fde9e4d-8cb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b852b71-FRA
expires: Mon, 20 Dec 2021 01:12:52 GMT

GET
H3-Q050 200 maxresdefault.jpg
i.ytimg.com/vi/MAu9QKT_TxI/ 229 KB
229 KB 16ms
13ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/MAu9QKT_TxI/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

670dafc78bf28e92c618b32088cb7398f402bbf4f7135e224532fd391848f5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:08:35 GMT
x-content-type-options: nosniff
server: sffe
age: 533
etag: "1607998992"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234708
x-xss-protection: 0
expires: Sun, 20 Dec 2020 22:08:35 GMT

GET
H2 200 143cMeT0GhjK_640x360.jpg
static-3.bitchute.com/live/cover_images/uvOyUZINubUd/ 36 KB
36 KB 88ms
85ms Image
image/jpeg 185.59.220.193
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/uvOyUZINubUd/143cMeT0GhjK_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-185-59-220-193.datapacket.com

Software

BunnyCDN-DE1-601 /

Resource Hash

787a94617c4a8b88d9f0a92e0eac8fed28c7d35f296028a550725464aee28539

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid: 565
x-amz-request-id: tx0000000000000062531dd-005fdd6638-43ba6e0-nyc3a
cdn-cachedat: 2020-12-19 03:32:24
cdn-pullzone: 89010
content-length: 36678
last-modified: Sat, 19 Dec 2020 01:44:11 GMT
server: BunnyCDN-DE1-601
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 37b250c4efb4eaff53f8335973c03353
accept-ranges: bytes
cdn-requestcountrycode: DK

GET
H/1.1 200
OK headsup.jpg
www.dancebase.co.uk/media/ 73 KB
73 KB 430ms
77ms Image
image/jpeg 213.138.111.133
BYTEMARK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dancebase.co.uk/media/headsup.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.138.111.133 , United Kingdom, ASN35425 (BYTEMARK-AS, GB),
Reverse DNS: lauren-live.default.laurenkyla.uk0.bigv.io
Software: Apache/2.2.22 (Debian) /
Resource Hash: 869f59c636c830291e34258562dd42f73c35334e267037c93770001d61f78a49

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:29 GMT
Last-Modified: Mon, 22 Jun 2015 13:04:49 GMT
Server: Apache/2.2.22 (Debian)
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 74894
Expires: Mon, 20 Dec 2021 20:17:29 GMT

GET
H/1.1 200
OK pasted_image_0.png
www.rumormillnews.com/pix/ 699 KB
699 KB 285ms
255ms Image
image/png 45.79.195.246
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rumormillnews.com/pix/pasted_image_0.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Server: 45.79.195.246 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: fb3510b827835b851396cd05695713efff68826162ca27a73298fb29ee46a1f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:29 GMT
Last-Modified: Sat, 05 Dec 2020 08:37:38 GMT
Server: Apache/2.4.10 (Debian)
ETag: "aeabb-5b5b381650e3e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 715451

GET
H2 200 A_A_A_Twenty.jpg
beforeitsnews.com/contributor/upload/428376/images/ 86 KB
87 KB 40ms
33ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/428376/images/A_A_A_Twenty.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd2a129f29805ca234b0c8374aec9b74a9795d1a0d1c3335bf42041839e843aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 272594
cf-polished: origSize=95876, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88361
cf-request-id: 072365dae500002b710eb43000000001
last-modified: Thu, 26 Dec 2019 06:44:30 GMT
server: cloudflare
etag: "5e0456ce-17684"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b862b71-FRA
expires: Fri, 17 Dec 2021 16:34:14 GMT

GET
H3-Q050 200 maxresdefault.jpg
i.ytimg.com/vi/Ju8YFsQlC-8/ 139 KB
139 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Ju8YFsQlC-8/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904df826ac2b2bc80617fe91ac632a4aaea6c2ebccf269bf87f355deb39d870e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:15:16 GMT
x-content-type-options: nosniff
server: sffe
age: 132
etag: "1608389487"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141846
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:20:16 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/Dgm23U61IVk/ 39 KB
39 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Dgm23U61IVk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e11856b669d80ade06681b95ec9d41db8534aeeb3ea8065652976e2bc047f2f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:14:08 GMT
x-content-type-options: nosniff
server: sffe
age: 200
etag: "1608353125"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39478
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:19:08 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/dtsTz_X8gEY/ 34 KB
34 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/dtsTz_X8gEY/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6577682a5529ae8edd2fde1f3e5c68ef89277a0f12d47c413d10b7d8052621dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:14:08 GMT
x-content-type-options: nosniff
server: sffe
age: 200
etag: "1608324089"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34552
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:19:08 GMT

GET
H2 200 COVERL1.jpg
beforeitsnews.com/contributor/upload/713008/images/ 103 KB
104 KB 49ms
41ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/713008/images/COVERL1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd54d4a7921368bbd3e05cf10723d022ba0835e9803c58d7f52d5ecf75c27422

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 321599
cf-polished: origSize=121230, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105731
cf-request-id: 072365dae600002b714f387000000001
last-modified: Thu, 26 Nov 2020 01:38:22 GMT
server: cloudflare
etag: "5fbf070e-1d98e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b882b71-FRA
expires: Fri, 17 Dec 2021 02:57:29 GMT

GET
H2 200 119910218_10217282796251765_3908116604306313738_n.jpg
beforeitsnews.com/contributor/upload/106013/images/ 55 KB
55 KB 35ms
27ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/119910218_10217282796251765_3908116604306313738_n.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d20a1591dde0743e137347b77f33c79b3584572ea652a6fc646888126b11279

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 189496
cf-polished: origSize=57056, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55995
cf-request-id: 072365dae600002b715d0ff000000001
last-modified: Fri, 18 Dec 2020 15:33:20 GMT
server: cloudflare
etag: "5fdccbc0-dee0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b892b71-FRA
expires: Sat, 18 Dec 2021 15:39:11 GMT

GET
H2 200 ahHCAP8XUUnb_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ 37 KB
38 KB 84ms
83ms Image
image/jpeg 185.59.220.193
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ahHCAP8XUUnb_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-185-59-220-193.datapacket.com

Software

BunnyCDN-DE1-601 /

Resource Hash

3294edd61742f6999c2213e052f5f42b0dd238a09302160e0a46d38eabe0d9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000000311efc6-005fd664a1-43b55da-nyc3a
cdn-cachedat: 2020-12-13 19:59:45
cdn-pullzone: 89010
content-length: 37957
last-modified: Sun, 13 Dec 2020 18:54:23 GMT
server: BunnyCDN-DE1-601
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: bac53f0cbb7f804e6e988582d7b0aa60
accept-ranges: bytes
cdn-requestcountrycode: DK

GET
H2 200 ads.png
beforeitsnews.com/img/v3/ 34 B
250 B 53ms
46ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 336373
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
cf-request-id: 072365dae800002b7125a1c000000001
last-modified: Thu, 30 May 2019 00:55:31 GMT
server: cloudflare
etag: "5cef2a03-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0b9e2b71-FRA
expires: Thu, 16 Dec 2021 22:51:15 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/CTlpF_kDvH0/ 16 KB
16 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/CTlpF_kDvH0/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a6e86570464befe62f0ad86019c338114068721e30b377cad095eeef4792522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16478
x-xss-protection: 0
expires: Sun, 20 Dec 2020 22:17:28 GMT

GET
H2 200 scientist_reveals_real.jpg
beforeitsnews.com/img/banner2020/ 45 KB
45 KB 43ms
36ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 236209
cf-polished: origFmt=jpeg, origSize=55516
content-disposition: inline; filename="scientist_reveals_real.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46020
cf-request-id: 072365daec00002b710731a000000001
last-modified: Sat, 24 Oct 2020 03:28:46 GMT
server: cloudflare
etag: "5f939f6e-d8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0ba02b71-FRA
expires: Sat, 18 Dec 2021 02:40:39 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/RFzTuaVS8Kk/ 11 KB
12 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/RFzTuaVS8Kk/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83980d2c6be63121ae377e3315c6bdc744309de315d43983dbadf8bd611b4a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11732
x-xss-protection: 0
expires: Sun, 20 Dec 2020 22:17:28 GMT

GET
H2 200 emigrate2.jpeg
beforeitsnews.com/img/banner2020/ 55 KB
55 KB 45ms
39ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner2020/emigrate2.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1334393
cf-polished: origSize=56198, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55905
cf-request-id: 072365dae900002b71602f0000000001
last-modified: Tue, 18 Aug 2020 10:27:58 GMT
server: cloudflare
etag: "5f3bad2e-db86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0ba22b71-FRA
expires: Sun, 05 Dec 2021 09:37:34 GMT

GET
H2 200 polaraidhealth.jpeg
beforeitsnews.com/img/banner2020/ 45 KB
46 KB 51ms
45ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner2020/polaraidhealth.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1175274
cf-polished: origSize=46655, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46365
cf-request-id: 072365dae900002b710c394000000001
last-modified: Sat, 22 Aug 2020 10:50:47 GMT
server: cloudflare
etag: "5f40f887-b63f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0ba32b71-FRA
expires: Tue, 07 Dec 2021 05:49:34 GMT

GET
H2 200 BCX_Rife350x290.jpg
beforeitsnews.com/img/banner2020/ 36 KB
36 KB 52ms
45ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner2020/BCX_Rife350x290.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116207
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36512
cf-request-id: 072365daeb00002b71458ec000000001
last-modified: Wed, 18 Nov 2020 11:58:34 GMT
server: cloudflare
etag: "5fb50c6a-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0ba42b71-FRA
expires: Sun, 19 Dec 2021 12:00:41 GMT

GET
H2 200 tabs-bin-rev-20201116.js Show response
beforeitsnews.com/static/js-v3/ 148 B
454 B 31ms
31ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20201116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 355289
cf-polished: origSize=189
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365dabf00002b716eb02000000001
last-modified: Sun, 15 Nov 2020 17:33:27 GMT
server: cloudflare
etag: W/"5fb16667-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c0acadd2b71-FRA
expires: Wed, 23 Dec 2020 17:35:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9717f3593f6430313f4dea2f062410dfcba266815e06a3526dde931497295f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38974
x-xss-protection: 0
last-modified: Sun, 20 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Dec 2020 20:17:28 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

f4916adfebd1959a0ce2e6096d68af2ec3eadf4e7157fb2a5c265c16605e9eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1882
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 100 KB
32 KB 73ms
16ms Script
text/javascript 2600:9000:2070:7800:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:7800:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 47f5b2ba7dc4b1d498cf2f83bb1df236323a984a0d58e7a38e19951e39bd176f

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:13:01 GMT
content-encoding: gzip
age: 268
etag: W/"191a1-f+Ej8FZ9fSI4UoZYvR0ukXG/9to"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 425ccbcb040dd779e5f3bdc76b6d8ff9.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: cuWn0zx2jJKnYUKEb_RjsISwjJcjHAtzdFVw5dHylz_2p9XK7I4VGQ==

GET
H2 200 Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 41ms
35ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 4109333
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7D318228C46EEFE0
x-amz-id-2: 4/NqYEtT+3aX8zPWmihR6JWXBSi9ALFW50lxCLXE8K3Lt5LCFmIow4hTfZJlo+ZnzUz61Z0RxuY=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"93a3e7d84b15a0c8a8a9e4e6c8779aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3R09nKFA1fkBWMCXCpPvkqre3wT0snqV
cf-request-id: 072365daea00002b710eb44000000001
cf-ray: 604c0c0b0ba62b71-FRA

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
301 B 53ms
49ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 241436
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
cf-request-id: 072365daea00002b715d100000000001
last-modified: Mon, 18 Jun 2018 21:28:42 GMT
server: cloudflare
etag: "5b28240a-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0ba92b71-FRA
expires: Sat, 18 Dec 2021 01:13:32 GMT

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
927 B 45ms
44ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 236513
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
cf-request-id: 072365daeb00002b71f4a8d000000001
last-modified: Thu, 13 Apr 2017 09:52:51 GMT
server: cloudflare
etag: "58ef4a73-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0b0bac2b71-FRA
expires: Sat, 18 Dec 2021 02:35:35 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v35/ 13 KB
13 KB 6ms
6ms Font
font/woff 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v35/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 21:46:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 19:17:42 GMT
server: sffe
age: 253880
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13064
x-xss-protection: 0
expires: Fri, 17 Dec 2021 21:46:08 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 13:40:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:15:51 GMT
server: sffe
age: 196602
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9028
x-xss-protection: 0
expires: Sat, 18 Dec 2021 13:40:46 GMT

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 22ms
21ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1446281
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
cf-request-id: 072365db9900002b71f9999000000001
last-modified: Sat, 09 Feb 2019 15:29:21 GMT
server: cloudflare
etag: "5c5ef1d1-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0c2f462b71-FRA
expires: Sat, 04 Dec 2021 02:32:46 GMT

GET
H2 200 incr_views.php Show response
beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/ 8 B
309 B 774ms
774ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/incr_views.php?id=23&_=1608495448990

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c6c9cba488a916983d814fde518217ea8b6ed7d286f6c48d262108e72f814f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 604c0c0c3f6d2b71-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8
cf-request-id: 072365dba100002b7132bd4000000001

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 2151 207 KB
55 KB 176ms
62ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911a95b5ebc85069d70b49165bbb081f87277d48f598648e9f3f57a576ce0d59

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 1844
cf-polished: origSize=211914
last-modified: Mon, 23 Nov 2020 10:21:37 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 26A72D5D883119F0
x-amz-id-2: Ep+G87hE/Wfn6Y/LZS6YJ6MyA8Ly5TWcq5bqX9AdLUarxCQSzUbbaoyzYN4R1v2W5FdW7iMG/7Q=
cf-bgj: minify
server: cloudflare
etag: W/"2d31eaa26b18d508e3d54de779ffb8ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 072365dc81000010ef832d6000000001
cf-ray: 604c0c0d9ba810ef-CPH
expires: Sun, 20 Dec 2020 23:17:29 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 24ms
24ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1183999
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
cf-request-id: 072365dba900002b71221a4000000001
last-modified: Thu, 28 May 2020 11:32:46 GMT
server: cloudflare
etag: "5ecfa15e-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0c4fa12b71-FRA
expires: Tue, 07 Dec 2021 03:24:10 GMT

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame 263C 208 KB
55 KB 91ms
89ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020112020
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed0549c6c4d11bd4fa70f8bfc652dda717a3c172d5feb72b25c96d1e350832e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 3749
cf-polished: origSize=213308
last-modified: Mon, 23 Nov 2020 10:26:46 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 98C45BCDFBFA7EB8
x-amz-id-2: HDa7kviJxmLtd/IFJ9Hk5km735D9Xuz5hnA9f5vR+W24wTNNFCxRGYjZJtXoeE+a1w4sFLgV29c=
cf-bgj: minify
server: cloudflare
etag: W/"2c3f279cf444a835c134f775f7695332"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 072365dc9b000010ef772ee000000001
cf-ray: 604c0c0dcc4010ef-CPH
expires: Sun, 20 Dec 2020 23:17:29 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 29ms
9ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 19:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1341
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Dec 2020 20:55:08 GMT

GET
H3-Q050 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 57ms
19ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Dec 2020 21:13:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 73ms
24ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47107
x-xss-protection: 0
server: cafe
etag: 13290078405355148527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 20 Dec 2020 20:17:29 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
635 B 53ms
34ms Script
application/javascript 2606:4700:3032::681b:80dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:80dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 70902
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nzh%2B7EWV2bkoEnKKlB3bJTQEkboKKWHLnha5sBElsnNPL4SOyQbLziAlahj2fTtHqxhM6VQUxq%2BEupwZpGG%2BWL7CYNQMxj%2FOCJYg3f4cuRoOlzEZI4j7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 604c0c0e498a1f35-FRA
content-length: 9
cf-request-id: 072365dcee00001f350da9a000000001

GET
H2 200 adcode.png
rddywd.com/ 43 B
683 B 54ms
35ms Image
image/gif 2606:4700:3032::681b:80dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:80dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 63149
content-length: 43
cf-request-id: 072365dcee00002c423621b000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KO%2BKZ2Y679F43rTpS1GrzoZqQXaqFaM7PjHwYwFyMkDmwhOD7Tmw2uQinhJTbVQWoLlN%2BBOVvfP0zTDkmZv2QbMfSVBa5jJLCT1t9y5ZUlnPCOPOuFY7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 604c0c0e4a5f2c42-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
182 B 57ms
5ms Image
text/plain 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
2 KB 43ms
42ms Image
image/webp 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20201116.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 236192
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
cf-request-id: 072365dc0100002b71011d3000000001
last-modified: Wed, 06 Jun 2018 18:26:21 GMT
server: cloudflare
etag: "5b18274d-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c0cc9522b71-FRA
expires: Sat, 18 Dec 2021 02:40:57 GMT

POST
H2 200 count.php Show response
beforeitsnews.com/core/ajax/counter/ 15 B
98 B 648ms
648ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52bcbc75a56327b3391fb00b5a2769614044e06ea3628c651586b2159652cdc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 604c0c0d1a302b71-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15
cf-request-id: 072365dc2e00002b7132be5000000001

GET
H2 200 5f2c559be7229f0012f31c92.js Show response
buttons-config.sharethis.com/js/ 1 KB
871 B 87ms
32ms Script
text/javascript 2600:9000:21c7:200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f2c559be7229f0012f31c92.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:17 GMT
content-encoding: gzip
etag: "321dc6041bb0ea183e662f402b588149"
last-modified: Thu, 06 Aug 2020 20:50:47 GMT
server: AmazonS3
age: 19
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 b61409af370dbf025ffc910b1252c65f.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: oNnPLjIVfIMzyeRBo8fANW0Bh2GoQhPCEGp2GmBFH___I2hEriqq8A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 756
date: Sun, 20 Dec 2020 20:04:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 20 Dec 2020 22:04:53 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 12D5 0
0 65ms
16ms Document
text/html 2600:9000:2204:1e00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:1e00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Sun, 20 Dec 2020 19:51:44 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: TYo0Fz3xAHRfQRAHJIxAezStbobMpjMAmNPgIYOf1mRhE22SB-v3Lg==
age: 1545

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20201130_00/e/js/element/ 243 KB
87 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 14:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19317
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88693
x-xss-protection: 0
last-modified: Mon, 30 Nov 2020 10:52:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 14:55:32 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 162ms
45ms XHR
text/plain 18.194.149.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=beforeitsnews.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fbeforeitsnews.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&cms=unknown&publisher=5f2c559be7229f0012f31c92&sop=true&bsamesite=true&consent_cookie_duration=88&consent_duration=88&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Before%20It%27s%20News%C2%AE%20is%20a%20community%20of%20individuals%20who%20report%20on%20what%27s%20going%20on%20around%20them%2C%20from%20all%20around%20the%20world.%20You%20can%20join%20to%20Contribute%20News%20and%20Comments.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.149.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-149-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:29 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 25ms
7ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 09:04:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 40393
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Mon, 20 Dec 2021 09:04:16 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 92E7 18 KB
4 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 19:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1341
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Dec 2020 20:55:08 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 22ms
6ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 09:55:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 37300
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Mon, 20 Dec 2021 09:55:49 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 37ms
36ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 2546
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 072365dd5a000010efa7334000000001
cf-ray: 604c0c0efe6510ef-CPH

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=614985141&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=837464151&gjid=1200828581&cid=1311208604.1608495449&tid=UA-16055024-1&_gid=810859892.1608495449&_r=1&gtm=2oubu0&z=168919271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 19 Dec 2020 00:21:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 158164
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Sun, 19 Dec 2021 00:21:25 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 77ms
76ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=0&h=-1&wrongImageSize=1&cols=4&pv=5&cbuster=1608495449575830253233&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=17681ccc5e7901dbff0&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 021deaf90ebdbb1fb73e91354e4f5727bf014b87efc23f2f4005f8dc08ca0949

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 604c0c0ff8dd10ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365ddfd000010ef94978000000001

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame 5ACB 3 KB
1 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m5kDfimMf9u70JgXRsc6og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-m5kDfimMf9u70JgXRsc6og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Sun, 20 Dec 2020 20:17:29 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-16055024-1&cid=1311208604.1608495449&jid=837464151&gjid=1200828581&_gid=810859892.1608495449&_u=IEBAAUAAAAAAAC~&z=1555240277

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Dec 2020 20:17:29 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 34ms
33ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=1311208604.1608495449&jid=837464151&_u=IEBAAUAAAAAAAC~&z=607583870

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-16055024-1&cid=1311208604.1608495449&jid=837464151&_u=IEBAAUAAAAAAAC~&z=607583870

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
903 B 85ms
85ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=334&cols=1&pv=5&cbuster=1608495449614173961433&uniqId=0ee1c&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=17681ccc60eb6be35b2&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020112020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91deab5909098b75940723c849ddf4e06246f29be63c12862b741e23fa82470b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 604c0c10397d10ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365de23000010efd2a67000000001

GET
H3-Q050 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 6ms
6ms Image
image/gif 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 20:35:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 258098
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Fri, 17 Dec 2021 20:35:51 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
692 B 86ms
78ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1608495449675747419260
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea54ee23191f7f09b213ea87e149b4c52082f0f68dafe5a48f200a829f55da48

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 2771ac40-bc9b-408f-8e9d-da6eb97820b1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 604c0c109aaf10ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365de62000010efd90a3000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame EE26 19 B
413 B 122ms
118ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1608495449679335494839
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: c78712d5-7ad1-462d-9f40-c3752d25fbe5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 604c0c109aaa10ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365de62000010ef7731b000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp
s-img.mgid.com/g/3805560/492x277/0x0x492x328/ 6 KB
6 KB 48ms
45ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805560/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp?v=1608495449-C1wu1QH3zRpRz06IOkVrm8gxXyiYM1ivsp-QAxJroZw
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 864af76ad523736a2f3966f74b8a53e43375d6112bc7a2594d505a2346ae8bf5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 8e05d5a4-a23b-4ef8-84cf-f0b9d152c7ab
age: 4286041
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6402
cf-request-id: 072365de63000010ef8fb92000000001
last-modified: Mon, 05 Oct 2020 11:36:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c109ab610ef-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc.webp
s-img.mgid.com/g/4147885/492x277/61x13x950x633/ 10 KB
10 KB 46ms
44ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4147885/492x277/61x13x950x633/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc.webp?v=1608495449-bNKFoJXVgt2SSdGJU33CGiYooIk430RCLF1MnGlNCTU
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7cddb2ec0a1c841d8e1fa306ba61194864db42ac45b53ce2728e16136c40c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 606e6d5b-25cb-45c3-869f-2524b8f54f41
age: 1146108
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9798
cf-request-id: 072365de62000010ef7a0f5000000001
last-modified: Mon, 05 Oct 2020 11:52:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c109ab210ef-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/ 19 KB
19 KB 50ms
48ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1608495449-R_7tn78pfPE1SLaq-RpClluvKFlXg7O2Tf7nc7OltrU
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e80051a222c17f6e0ef65e14e863278c0b1167c03e3715e81c67385600aa83b4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: f12743ae-0a69-4056-b61a-a30469a21e9d
age: 4292688
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18988
cf-request-id: 072365de63000010ef8d8e4000000001
last-modified: Mon, 05 Oct 2020 11:13:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c109ab410ef-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp
s-img.mgid.com/g/3805603/492x277/0x63x1000x666/ 6 KB
6 KB 44ms
43ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805603/492x277/0x63x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp?v=1608495449--8iDOoHI-qP7PX-fT4fm03iiUcnZvm4Q1n0IYKZpSKk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914aaf00570039622940a10c515c390e0bdb29e14a4cb1e3c3598cca05e8ead2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: a611e3bf-31c0-4923-9291-0c8c4ff43fef
age: 1079079
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6138
cf-request-id: 072365de75000010ef83302000000001
last-modified: Mon, 05 Oct 2020 11:40:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c10bafc10ef-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp
s-img.mgid.com/g/3805560/492x277/0x0x492x328/ Frame 2151 6 KB
6 KB 72ms
71ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805560/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp?v=1608495449-C1wu1QH3zRpRz06IOkVrm8gxXyiYM1ivsp-QAxJroZw
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 864af76ad523736a2f3966f74b8a53e43375d6112bc7a2594d505a2346ae8bf5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 8e05d5a4-a23b-4ef8-84cf-f0b9d152c7ab
age: 4286041
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6402
cf-request-id: 072365de94000010ef9ca8a000000001
last-modified: Mon, 05 Oct 2020 11:36:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c10eb5f10ef-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc.webp
s-img.mgid.com/g/4147885/492x277/61x13x950x633/ Frame 2151 10 KB
10 KB 69ms
69ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4147885/492x277/61x13x950x633/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc.webp?v=1608495449-bNKFoJXVgt2SSdGJU33CGiYooIk430RCLF1MnGlNCTU
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7cddb2ec0a1c841d8e1fa306ba61194864db42ac45b53ce2728e16136c40c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 606e6d5b-25cb-45c3-869f-2524b8f54f41
age: 1146108
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9798
cf-request-id: 072365de92000010efbc949000000001
last-modified: Mon, 05 Oct 2020 11:52:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c10eb6c10ef-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/ Frame 2151 19 KB
19 KB 73ms
72ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1608495449-R_7tn78pfPE1SLaq-RpClluvKFlXg7O2Tf7nc7OltrU
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e80051a222c17f6e0ef65e14e863278c0b1167c03e3715e81c67385600aa83b4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: f12743ae-0a69-4056-b61a-a30469a21e9d
age: 4292688
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18988
cf-request-id: 072365de95000010efd7242000000001
last-modified: Mon, 05 Oct 2020 11:13:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c10eb7710ef-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp
s-img.mgid.com/g/3805603/492x277/0x63x1000x666/ Frame 2151 6 KB
6 KB 61ms
60ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805603/492x277/0x63x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp?v=1608495449--8iDOoHI-qP7PX-fT4fm03iiUcnZvm4Q1n0IYKZpSKk
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914aaf00570039622940a10c515c390e0bdb29e14a4cb1e3c3598cca05e8ead2

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: a611e3bf-31c0-4923-9291-0c8c4ff43fef
age: 1079079
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6138
cf-request-id: 072365dea4000010ef9a9bb000000001
last-modified: Mon, 05 Oct 2020 11:40:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c110ba110ef-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc0N2I5NzIwODM2MDNhNThiMmUzZDE1NDQ4MTgxMWJmLmpwZWc.webp
s-img.mgid.com/g/4723159/492x328/0x0x607x404/ 9 KB
10 KB 45ms
45ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4723159/492x328/0x0x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc0N2I5NzIwODM2MDNhNThiMmUzZDE1NDQ4MTgxMWJmLmpwZWc.webp?v=1608495449-apzYgwVnFgEurwUE8r6Ri43herTf3IMnpuWctvtJT0o
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6e1b8131c07cdfaed4ee217aa32ca0e0b991a22132380f547f00af45cf49d1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 9a1dd248-7065-47a9-ab34-3bef7f48e18b
age: 4297786
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9580
cf-request-id: 072365deb3000010ef82172000000001
last-modified: Mon, 05 Oct 2020 11:24:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c111bca10ef-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc0N2I5NzIwODM2MDNhNThiMmUzZDE1NDQ4MTgxMWJmLmpwZWc.webp
s-img.mgid.com/g/4723159/492x328/0x0x607x404/ Frame 263C 9 KB
9 KB 30ms
29ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4723159/492x328/0x0x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzc0N2I5NzIwODM2MDNhNThiMmUzZDE1NDQ4MTgxMWJmLmpwZWc.webp?v=1608495449-apzYgwVnFgEurwUE8r6Ri43herTf3IMnpuWctvtJT0o
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6e1b8131c07cdfaed4ee217aa32ca0e0b991a22132380f547f00af45cf49d1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 9a1dd248-7065-47a9-ab34-3bef7f48e18b
age: 4297786
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9580
cf-request-id: 072365ded8000010ef82175000000001
last-modified: Mon, 05 Oct 2020 11:24:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 604c0c115c4e10ef-CPH

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 8F55
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

153ms
49ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1608495449675747419260
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Dec 2020 20:17:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sun, 20 Dec 2020 20:17:29 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 157ms
91ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=kbktFOv09dhc
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 604c0c11c9a410b9-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 072365df1b000010b9d812b000000001

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2JrdEZPdjA5ZGhj&muidn=kbktFOv09dhc
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2JrdEZPdjA5ZGhj&muidn=kbktFOv09dhc&google_tc=
https://cm.mgid.com/google?muidn=kbktFOv09dhc&google_ula={guid},5&google_gid=CAESENBIqfESI-CyAjdQJZAAjyE&google_cver=1

0
212 B

89ms
89ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=kbktFOv09dhc&google_ula={guid},5&google_gid=CAESENBIqfESI-CyAjdQJZAAjyE&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 604c0c122de410ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365df5d000010ef91931000000001

Redirect headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=kbktFOv09dhc&google_ula={guid},5&google_gid=CAESENBIqfESI-CyAjdQJZAAjyE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=R1e34WdPwk0rNf2RXiwI&pi=mgid&tc=1

43 B
361 B

90ms
89ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=R1e34WdPwk0rNf2RXiwI&pi=mgid&tc=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:30 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 002c63b5-197a-45e5-9707-9d50de153a5b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 604c0c12bee410ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365dfaf000010ef9499b000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=R1e34WdPwk0rNf2RXiwI&pi=mgid&tc=1
pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT, Sun, 20 Dec 2020 20:17:29 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=e31SSwxW4XX.AikABlF2gczIKg&expires=30&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6&gdpr=&gdpr_consent=&us_privacy=

43 B
243 B

70ms
69ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:30 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 17e6362a-00d6-4972-804d-093e4fa4899c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 604c0c14cb9f10ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365e0fb000010ef7c19f000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6&gdpr=&gdpr_consent=&us_privacy=
date: Sun, 20 Dec 2020 20:17:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=kbktFOv09dhc
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kbktFOv09dhc
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6

49 B
532 B

194ms
52ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Dec 2020 20:17:30 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=65c9cd9c-c84c-4f9c-ab53-44e85ed6c9c6
date: Sun, 20 Dec 2020 20:17:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
622 B 145ms
84ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=kbktFOv09dhc
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 604c0c11c97c1d22-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365df1d00001d22f7355000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=f4d65c47-c738-4e1a-955a-38ca3da5b4ac&ttl=1611087450

43 B
227 B

86ms
84ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=f4d65c47-c738-4e1a-955a-38ca3da5b4ac&ttl=1611087450
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:30 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6ffcf660-aa63-45c5-8efa-d104e198c075
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 604c0c132fb110ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365dff8000010efc2119000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:17:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=f4d65c47-c738-4e1a-955a-38ca3da5b4ac&ttl=1611087450
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 jsDynamic-bin-rev-20201111.js Show response
beforeitsnews.com/static/js-v3/ 8 KB
2 KB 40ms
39ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

616f3c5387758aff936d47c41a8ef8cc07b400b64b3d3e5d07634b2e31de4773

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 771962
cf-polished: origSize=7865
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365e63000002b71fe0a5000000001
last-modified: Sun, 15 Nov 2020 17:33:25 GMT
server: cloudflare
etag: W/"5fb16665-1eb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c1d1df82b71-FRA
expires: Fri, 18 Dec 2020 21:51:29 GMT

GET
H2 200 responsive-bin-rev-20201111.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
785 B 33ms
32ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20201111.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 771962
cf-polished: origSize=1728
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365e62f00002b7148010000000001
last-modified: Sun, 15 Nov 2020 17:33:26 GMT
server: cloudflare
etag: W/"5fb16666-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c1d1e002b71-FRA
expires: Fri, 18 Dec 2020 21:51:29 GMT

GET
H2 200 validate-bin-rev-20201111.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 42ms
41ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20201111.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 771962
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365e63000002b7106be7000000001
last-modified: Sun, 15 Nov 2020 17:33:27 GMT
server: cloudflare
etag: W/"5fb16667-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c1d1e032b71-FRA
expires: Fri, 18 Dec 2020 21:51:29 GMT

GET
H2 200 loadmore-bin-rev-20201111.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20201111.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 771962
cf-polished: origSize=14745
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365e63000002b715d22d000000001
last-modified: Sun, 15 Nov 2020 17:33:26 GMT
server: cloudflare
etag: W/"5fb16666-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 604c0c1d1e062b71-FRA
expires: Fri, 18 Dec 2020 21:51:29 GMT

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
1 KB 192ms
62ms Script
text/html 18.202.41.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_790&c=1608495452086&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

4b8d83e7decc8feec96194f003cd69da6f694aefcf0eed0b01522d46dcb89099

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 1247

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
1 KB 192ms
63ms Script
text/html 18.202.41.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=100246&t=rc_330&c=1608495452087&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

10d64deb33acf97c1cbe01c76e6f4cdc68b74314857d16cd14e48efc07ba1c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 1245

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 146ms
48ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20201111.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
content-encoding: gzip
last-modified: Sat, 19 Dec 2020 21:07:29 GMT
server: nginx
etag: "5364-1608412049882"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

POST
H2 200 get_banners_direct.php Show response
beforeitsnews.com/core/ajax/contributor/v3_banners/ 1 KB
531 B 609ms
608ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_banners/get_banners_direct.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab3d4e67f3f1725b7cd2d196dc1c9d4a87ef8b2f7c42884878e66f549426df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
date: Sun, 20 Dec 2020 20:17:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 604c0c1fad082b71-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365e7c700002b711833b000000001

GET
H2 200 showing.php Show response
beforeitsnews.com/core/ajax/contributor/v3_live_stream/ 792 B
442 B 595ms
594ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_live_stream/showing.php?_=1608495452101

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bb0649166a5575c83f03ea06978efc661b48b66a9706c10be152939253cfdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
date: Sun, 20 Dec 2020 20:17:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 604c0c1fad0c2b71-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365e7c700002b710c110000000001

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 39ms
21ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2936
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 604c0c1fc85f6395-FRA
cf-request-id: 072365e7df00006395efa26000000001
expires: Mon, 21 Dec 2020 08:17:32 GMT

GET
H2 200 get_items_to_show.php Show response
beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 57 KB
3 KB 606ms
605ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1608495452102

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6a0749dbb73160c55a10dc21e19938801bf0de055951aced9ef81e0be74fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
date: Sun, 20 Dec 2020 20:17:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 604c0c1fad112b71-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365e7c800002b71f9aea000000001

GET
H2 200 get-most-recent-stories-list.php Show response
beforeitsnews.com/v3/recent/ 15 KB
3 KB 616ms
616ms XHR
text/html 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1608495452102

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba3b956d2451a7dbd3bcb576840e205a226067da7bd7b6c709fa07137d9bced

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
date: Sun, 20 Dec 2020 20:17:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 604c0c1fad142b71-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 072365e7c800002b711b2fe000000001

GET
H/1.1 200
OK 10864438442185062
lockerdome.com/lad/ Frame AD55 0
0 621ms
167ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Sun, 20 Dec 2020 20:17:32 GMT

GET
H/1.1 200
OK 10864440455450982
lockerdome.com/lad/ Frame 83F7 0
0 618ms
167ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Sun, 20 Dec 2020 20:17:32 GMT

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 60 KB
60 KB 425ms
425ms XHR
text/javascript 18.202.41.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_790&c=1608495452086&width=1600&site_url=https%3A%2F%2Fbeforeitsnews.com%2F&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=111268&t=rc_790&c=1608495452086&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

b989b0a6c065a5c25053eec3f2528cd8dab878f8110b0b2183fc459caee6336e

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Sun, 20 Dec 2020 20:17:32 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/javascript; charset=utf-8

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 76 KB
76 KB 360ms
359ms XHR
text/javascript 18.202.41.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=100246&t=rc_330&c=1608495452087&width=1600&site_url=https%3A%2F%2Fbeforeitsnews.com%2F&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=100246&t=rc_330&c=1608495452087&width=1600&referer=https%3A%2F%2Fbeforeitsnews.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

95bb6c27d9aa0cf2a04f1cef53d7e76848cbf984eb51802b7280809c420ffb53

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Sun, 20 Dec 2020 20:17:32 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H2 200 hdSplGl0fj4
www.youtube.com/embed/ Frame EA1A 0
0 459ms
438ms Document
text/html 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/hdSplGl0fj4?rel=0&autoplay=0&mute=0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/hdSplGl0fj4?rel=0&autoplay=0&mute=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-length: 21031
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security: max-age=31536000
date: Sun, 20 Dec 2020 20:17:33 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=pJpz6c5Kz0o; path=/; domain=.youtube.com; secure; expires=Fri, 18-Jun-2021 20:17:32 GMT; httponly; samesite=None YSC=2qisK2eEDeI; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 20-Dec-2020 20:47:32 GMT VISITOR_INFO1_LIVE=pJpz6c5Kz0o; path=/; domain=.youtube.com; secure; expires=Fri, 18-Jun-2021 20:17:32 GMT; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 YHaSsqT6kf0
www.youtube.com/embed/ Frame BBD3 0
0 121ms
101ms Document
text/html 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YHaSsqT6kf0?rel=0&autoplay=0&mute=0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/YHaSsqT6kf0?rel=0&autoplay=0&mute=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: br
content-length: 21997
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Sun, 20 Dec 2020 20:17:32 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=eBgrhlcSCFo; path=/; domain=.youtube.com; secure; expires=Fri, 18-Jun-2021 20:17:32 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=eBgrhlcSCFo; path=/; domain=.youtube.com; secure; expires=Fri, 18-Jun-2021 20:17:32 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 20-Dec-2020 20:47:32 GMT YSC=x-0pYyoJMtc; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 88de2a6c6c0c0a17ee4513338f8ce27e7b3004b7.jpeg
beforeitsnews.com/img/i2020/12/ 18 KB
18 KB 24ms
24ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2020/12/88de2a6c6c0c0a17ee4513338f8ce27e7b3004b7.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87f59e3c5be59bfece610b46176dd43b441660a01d5225f98e94c287b30e39c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1696199
cf-polished: origSize=19907, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18455
cf-request-id: 072365ea2a00002b71023fa000000001
last-modified: Thu, 05 Nov 2020 07:35:45 GMT
server: cloudflare
etag: "5fa3ab51-4dc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c237f0d2b71-FRA
expires: Wed, 01 Dec 2021 05:07:33 GMT

GET
H2 200 454bd7e1.jpg
herbanomics.postaffiliatepro.com/accounts/default1/g75hwob/ 1 MB
1 MB 852ms
332ms Image
image/jpeg 45.33.2.97
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://herbanomics.postaffiliatepro.com/accounts/default1/g75hwob/454bd7e1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.2.97 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li956-97.members.linode.com
Software: nginx /
Resource Hash: a855d275afd3638c7d7d62e6b27285a2534fc64d07529fc20e4ff4ca15fba21b

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:33 GMT
via: 1.1 varnish (1.lb-app.pap.linode-us-tx)
x-srv: 2
age: 5
vary: Accept-Encoding
x-varnish: 231899550 227066807
cache-control: max-age=15, public
accept-ranges: bytes
content-type: image/jpeg
content-length: 1141682
server: nginx
expires: Sun, 20 Dec 2020 20:17:42 GMT

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/oqtNkhKGgmo/ 24 KB
25 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/oqtNkhKGgmo/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068cfc47e4df1a96edc34feae19e7038274de7b1cafc9f733d72627d22471822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:07 GMT
x-content-type-options: nosniff
server: sffe
age: 25
etag: "1608411756"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25080
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:22:07 GMT

GET
H2 200 hqdefault(287).jpg
beforeitsnews.com/contributor/upload/106013/images/ 14 KB
15 KB 42ms
38ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/hqdefault(287).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 711437
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14766
cf-request-id: 072365ea3e00002b7122345000000001
last-modified: Fri, 14 Aug 2020 20:18:17 GMT
server: cloudflare
etag: "5f36f189-39ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c239f602b71-FRA
expires: Sun, 12 Dec 2021 14:40:15 GMT

GET
H2

200

Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg
beforeitsnews.com/contributor/upload/724569/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg

33 KB
34 KB

31ms
30ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8a4acaab8f3d266a9544ed317d780e3c5f4567692806f0450ea30ca8a17862e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 310838
cf-polished: origSize=38657, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34084
cf-request-id: 072365ea4900002b71f9b31000000001
last-modified: Mon, 23 Nov 2020 19:17:18 GMT
server: cloudflare
etag: "5fbc0abe-9701"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c23afab2b71-FRA
expires: Fri, 17 Dec 2021 05:56:54 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-23%20at%207_55_56%20PM.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

iu-2%20(32).jpg
beforeitsnews.com/contributor/upload/724569/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg
https://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg

14 KB
14 KB

31ms
29ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e2207c38919b05b8578851d7ff15fc178de9efcda7f94950c70610c8d06c4b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 382
cf-polished: origSize=18819, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14128
cf-request-id: 072365ea4900002b71600b7000000001
last-modified: Wed, 14 Oct 2020 18:52:23 GMT
server: cloudflare
etag: "5f8748e7-4983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c23afaf2b71-FRA
expires: Mon, 20 Dec 2021 20:11:10 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/724569/images/iu-2%20(32).jpg
Non-Authoritative-Reason: HSTS

GET
H2 200 DarnoldGame2.jpg
www.jetnation.com/wp-content/uploads/2020/12/ 44 KB
45 KB 829ms
396ms Image
image/jpeg 204.13.239.203
DATACATE-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jetnation.com/wp-content/uploads/2020/12/DarnoldGame2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.13.239.203 , United States, ASN55106 (DATACATE-AS1, US),
Reverse DNS
Software: nginx /
Resource Hash: b22fc6d703979388d59088e1c24a7ca8e3047e75191119a95f7598a73abe072d

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:33 GMT
last-modified: Sun, 20 Dec 2020 19:39:45 GMT
server: nginx
accept-ranges: bytes
etag: "5fdfa881-b186"
content-length: 45446
content-type: image/jpeg

GET
H2 200 2020-12-17T105055Z_1_LYNXMPEGBG0SN_RTROPTP_4_USA-BIDEN-700x420.jpg
img.theepochtimes.com/assets/uploads/2020/12/18/ 37 KB
37 KB 137ms
48ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2020/12/18/2020-12-17T105055Z_1_LYNXMPEGBG0SN_RTROPTP_4_USA-BIDEN-700x420.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cadb2efa411cb626f434491a682fc63a4ff7a8f621521bd0531494e76eed873

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
last-modified: Fri, 18 Dec 2020 13:29:25 GMT
server: nginx
etag: "5fdcaeb5-9420"
x-hw: 1608495452.cds067.sk1.hn,1608495452.cds045.sk1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 37920

GET
H2 200 1f642.png
s.w.org/images/core/emoji/13.0.0/72x72/ 620 B
814 B 139ms
46ms Image
image/png 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.0/72x72/1f642.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

c7a2c052f383509ac9ec9da7f34cccc4c1d35040799426588c54a0d83cd9628f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sun, 20 Dec 2020 20:17:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 17:45:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 620
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 404 hqdefault.jpg
img.youtube.com/vi/2020/09/22/banks-aml-efficiency-the-fincen-files-horror-story-and-what-we-can-learn-for-crypto// 1 KB
1 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2020/09/22/banks-aml-efficiency-the-fincen-files-horror-story-and-what-we-can-learn-for-crypto//hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:17 GMT
x-content-type-options: nosniff
server: sffe
age: 15
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:17:47 GMT

GET
H2

200

Amerigeddon-Movie.jpg
beforeitsnews.com/contributor/upload/748669/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg
https://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg

51 KB
51 KB

33ms
31ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6566bdeb0f8c591832702768ab4ad31fc960f2f0a9b9dbb76cb94e411156fdb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 75576
cf-polished: origSize=56353, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51891
cf-request-id: 072365ea4b00002b71351e5000000001
last-modified: Thu, 17 Dec 2020 13:12:08 GMT
server: cloudflare
etag: "5fdb5928-dc21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c23afb02b71-FRA
expires: Sun, 19 Dec 2021 23:17:56 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/748669/images/Amerigeddon-Movie.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg
beforeitsnews.com/contributor/upload/724569/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg

29 KB
29 KB

23ms
22ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7183658fcfd17c30c370bc1cc7a8ca0cf708e79883f06273b10a4c266ebb66df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 321817
cf-polished: origSize=34455, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29563
cf-request-id: 072365ea4900002b71023fd000000001
last-modified: Tue, 08 Sep 2020 18:24:14 GMT
server: cloudflare
etag: "5f57cc4e-8697"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c23afb12b71-FRA
expires: Fri, 17 Dec 2021 02:53:55 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-09-08%20at%205_32_26%20PM.jpg
Non-Authoritative-Reason: HSTS

GET
H2 200 bc9f55ce-6515-4bff-ab01-9ad778b3ff9d.jpg
media.townhall.com/townhall/reu/ha/2017/6/ 62 KB
62 KB 142ms
49ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/ha/2017/6/bc9f55ce-6515-4bff-ab01-9ad778b3ff9d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f1757be70e528aef621f4ab0c6a59588aafbc48452270d3b62847ee949f391d7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
server: nginx/1.10.3 (Ubuntu)
x-img: thmbor3
etag: "378b9f8310b6a371a5159f9505288435ffe08d1f"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 63062
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1608495452.dop217.sk1.t,1608495452.cds219.sk1.hn,1608495452.cds052.sk1.c

GET
H2 200 Historys-Greatest-Mysteries-2048x1152-promo-16x9-1.jpg
1.bp.blogspot.com/-NQZP0cE9EWs/X9-czUP0YvI/AAAAAAAAbGg/Z4RBvskOYG08-nulYUjKXuTDvkYtICNFwCLcBGAsYHQ/s320/ 16 KB
16 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-NQZP0cE9EWs/X9-czUP0YvI/AAAAAAAAbGg/Z4RBvskOYG08-nulYUjKXuTDvkYtICNFwCLcBGAsYHQ/s320/Historys-Greatest-Mysteries-2048x1152-promo-16x9-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bd1436643629fb6f27921499d2146a33c10c4f64e13059debc2f76d15e2a971b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 19:30:01 GMT
x-content-type-options: nosniff
age: 2851
content-disposition: inline;filename="Historys-Greatest-Mysteries-2048x1152-promo-16x9-1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15940
x-xss-protection: 0
server: fife
etag: "v6c69"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 21 Dec 2020 19:30:01 GMT

GET
H2

200

vaccine(1).jpg
beforeitsnews.com/contributor/upload/426438/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg
https://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg

3 KB
4 KB

22ms
19ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6c6a5c70ffde44ad2cbab9dc28e907ed1ce5256a039de859acc0b143d77859

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2808
cf-polished: origSize=3709, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3491
cf-request-id: 072365ea6800002b715301a000000001
last-modified: Sun, 20 Dec 2020 19:27:23 GMT
server: cloudflare
etag: "5fdfa59b-e7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c23d83d2b71-FRA
expires: Mon, 20 Dec 2021 19:30:44 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/426438/images/vaccine(1).jpg
Non-Authoritative-Reason: HSTS

GET
H2 200 syncranium_inner-veiw588.jpg
pterosaurheresies.files.wordpress.com/2020/12/ 51 KB
51 KB 215ms
117ms Image
image/webp 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pterosaurheresies.files.wordpress.com/2020/12/syncranium_inner-veiw588.jpg?w=584&h=472

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

639bbdccf8f434f55586e2ec4a2956ebf9ec7a046d46341f72ee779f1760488d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 28 np
date: Sun, 20 Dec 2020 20:17:32 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Sun, 20 Dec 2020 17:34:48 GMT
server: nginx
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://pterosaurheresies.wordpress.com
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 52294
access-control-allow-credentials: true
expires: Tue, 26 Jan 2021 11:17:26 GMT

GET
H/1.1 200
OK solarwinds.jpg
stateofthenation.co/wp-content/uploads/2020/12/ 193 KB
193 KB 110ms
74ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://stateofthenation.co/wp-content/uploads/2020/12/solarwinds.jpg

Protocol

HTTP/1.1

Server

192.124.249.6 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

Sucuri/Cloudproxy /

Resource Hash

3d1fa5d5a2c91f3efe1433cb5debe6268a56c9f1a4b60d841393b509a30cf45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 20:17:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 20 Dec 2020 10:34:04 GMT
Server: Sucuri/Cloudproxy
ETag: "4636cb-3039c-5b6e2e1717a97"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19006
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197532
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vaccine-kiowa-press-1024x619.jpg
www.naturalblaze.com/wp-content/uploads/2020/12/ 70 KB
71 KB 48ms
21ms Image
image/jpeg 2606:4700:3033::681b:8fb8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalblaze.com/wp-content/uploads/2020/12/vaccine-kiowa-press-1024x619.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:8fb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf7b9414519d200832e0c5f940f107ddb8ae3815a0e38f9ab829daa612b719aa

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3388
content-length: 71618
cf-request-id: 072365ea8200004a7369a1c000000001
last-modified: Sun, 20 Dec 2020 18:18:51 GMT
server: cloudflare
etag: "5fdf958b-117c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k58cPgEy65VRVUfVTeDxTB66b1iLkJPE%2Bgn7u2iX3HEd0WNNqWk%2BBwVyDsTfZX1cX%2BLuQnTfAMBrdvXZI%2FJXgMA4A8kK9ERtFjAodySO401BGpXU%2BQgWemTZDyuEYvC60Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 604c0c240f6d4a73-FRA

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/KIAhqAeD_NE/ 43 KB
43 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/KIAhqAeD_NE/hqdefault.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c16b67bdb7638f2c64b187a01987f29c76ff9c66711a632f800a1efdfa6fc0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:13:05 GMT
x-content-type-options: nosniff
server: sffe
age: 267
etag: "1608489599"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43784
x-xss-protection: 0
expires: Sun, 20 Dec 2020 20:18:05 GMT

GET
H2 200 share-to-parler.png
gellerreport.com/wp-content/uploads/2020/12/ 15 KB
16 KB 185ms
74ms Image
image/png 192.124.249.17
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gellerreport.com/wp-content/uploads/2020/12/share-to-parler.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.17 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

3db952fba727a392d87f18ad9028754c8b9fd2e206e3330eaf763615432fd3ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 13:11:53 GMT
server: nginx
etag: "5fcf7b99-3dae"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 15790
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 paiul-772245.jpg
beforeitsnews.com/contributor/upload/106013/images/ 51 KB
51 KB 26ms
23ms Image
image/jpeg 2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/paiul-772245.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf53baa29daf3ca6c8b68724293091277b58cf96f108f67cf019327b256863b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4137
cf-polished: origSize=52977, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51817
cf-request-id: 072365ea3f00002b711b346000000001
last-modified: Mon, 20 Jul 2020 11:01:57 GMT
server: cloudflare
etag: "5f1579a5-cef1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c239f672b71-FRA
expires: Mon, 20 Dec 2021 19:08:35 GMT

GET
H2

200

Covis19-vaccine-DNA-damage.jpg
beforeitsnews.com/contributor/upload/662794/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg
https://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg

21 KB
21 KB

26ms
25ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544b6143f0f3e268c98bc912bef093875321be1cc12116e54929cfef86ad7bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4331
cf-polished: origSize=22452, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21422
cf-request-id: 072365ea7c00002b711491d000000001
last-modified: Sun, 20 Dec 2020 19:03:43 GMT
server: cloudflare
etag: "5fdfa00f-57b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c23f88d2b71-FRA
expires: Mon, 20 Dec 2021 19:05:21 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/662794/images/Covis19-vaccine-DNA-damage.jpg
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 1-earth-sos-conceptual-image-detlev-van-ravenswaay.jpg
images.fineartamerica.com/images-medium-large/ 84 KB
85 KB 76ms
61ms Image
image/jpeg 2600:9000:2093:4000:d:8a0c:6440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.fineartamerica.com/images-medium-large/1-earth-sos-conceptual-image-detlev-van-ravenswaay.jpg
Protocol: HTTP/1.1
Server: 2600:9000:2093:4000:d:8a0c:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36fe45df416d7f6e22dcb693f50939a972ee5f50bfb0170e9b83a6415471712f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 10:15:01 GMT
Via: 1.1 acc2c574ca468bfb1281581bb9fd9e8a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 13 May 2013 21:52:00 GMT
Server: AmazonS3
x-amz-request-id: EDC53F3869ECA969
ETag: "93ef4b62ea98634b776d32f14ab1dd23"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=1296000
X-Amz-Cf-Pop: HAM50-C1
Accept-Ranges: bytes
Content-Length: 85941
x-amz-id-2: cg6+AKf46C2+uyAYgg6ll74hDexGNX1HqrnbHHGR+zNJenKpDxXLzjJIV5mZahxWsCbpqKqXjuw=
X-Amz-Cf-Id: kSwnTidp3BqF8GrrUwMeBk926DUQnrEp2nQVj55WWCZFShxuJBe38w==

GET
H2

200

Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg
beforeitsnews.com/contributor/upload/724569/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg
https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg

40 KB
40 KB

30ms
30ms

Image
image/jpeg

2606:4700:10::ac43:e6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e6e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5213080107079508d6ec845ffafacd4667e4afd0fa3743905fa5d58b23adf89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3767662
cf-polished: origSize=46302, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40760
cf-request-id: 072365ea9e00002b713a3d6000000001
last-modified: Tue, 03 Nov 2020 00:06:22 GMT
server: cloudflare
etag: "5fa09efe-b4de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 604c0c24292c2b71-FRA
expires: Sun, 07 Nov 2021 05:43:10 GMT

Redirect headers

Location: https://beforeitsnews.com/contributor/upload/724569/images/Screen%20Shot%202020-11-03%20at%202_04_09%20AM.jpg
Non-Authoritative-Reason: HSTS

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ 83 KB
23 KB 141ms
49ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 21:50:30 GMT
etag: "1608241830"
x-hw: 1608495452.cds065.sk1.hn,1608495452.cds224.sk1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2696
accept-ranges: bytes
content-length: 23124

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ 280 KB
84 KB 118ms
112ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6df1457515a690c33717b2eca10548b3fbe947e30b05365471a2d04ba64273af

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 21:50:30 GMT
etag: "1608241830"
x-hw: 1608495452.cds065.sk1.hn,1608495452.cds209.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=6292
accept-ranges: bytes
content-length: 85554

GET
H2 200 42eec848aeec054d87c759df07fd4365.jpeg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 8 KB
8 KB 198ms
95ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/42eec848aeec054d87c759df07fd4365.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a9b1dac4640ae24465170fdc8a89216f09922c0ec41e9dc668c4d7d5d0650359

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="42eec848aeec054d87c759df07fd4365.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-11-17T19:42:12.442Z;desc=hit,rtt;dur=0
content-length: 8068
last-modified: Tue, 10 Nov 2020 17:43:00 GMT
server: Cloudinary
etag: "069af10ceb55ac50a045fa2586973bd4"
vary: Accept
x-hw: 1608495452.cds053.sk1.hn,1608495452.cds043.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15734583750160732187.jpeg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 12 KB
13 KB 231ms
136ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/15734583750160732187.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d0c4a0905128c55af84ba63f373a41f557f2543aedb8d7ae426d129b96dfd174

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15734583750160732187.webp"
server-timing: fastly;dur=138;cpu=0;start=2020-12-12T17:27:22.917Z;desc=miss,rtt;dur=0,cloudinary;dur=45;start=2020-12-12T17:27:22.962Z
content-length: 12724
last-modified: Thu, 13 Aug 2020 13:59:41 GMT
server: Cloudinary
etag: "784b205c632a554b86ee9578f3a1f1a7"
vary: Accept
x-hw: 1608495452.cds053.sk1.hn,1608495452.cds202.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 68e4db568296e2149cd9335740792bc9.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 11 KB
11 KB 196ms
136ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/68e4db568296e2149cd9335740792bc9.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7eb9890c6dc36dac5de03c9324d0d43cc3cd7bbf84677cb0d4756cf2bf04121c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="68e4db568296e2149cd9335740792bc9.webp"
server-timing: fastly;dur=1;start=2020-10-20T15:41:26.558Z;desc=hit,rtt;dur=0
content-length: 11492
last-modified: Thu, 13 Aug 2020 13:59:19 GMT
server: Cloudinary
etag: "4fcd899994e826b03692aad31351bbc8"
vary: Accept
x-hw: 1608495452.cds053.sk1.hn,1608495452.cds202.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15668969740703842202.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 33 KB
33 KB 156ms
152ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/15668969740703842202.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5b3bfe799da558857b11d4b32be4aa2ab97c5c7023630d4223846c825a551c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15668969740703842202.webp"
server-timing: fastly;dur=1;start=2020-10-20T15:23:14.114Z;desc=hit,rtt;dur=1
content-length: 33718
last-modified: Thu, 13 Aug 2020 13:59:15 GMT
server: Cloudinary
etag: "0278445402cfcdf317daa1702e2fb560"
vary: Accept
x-hw: 1608495452.cds053.sk1.hn,1608495452.cds046.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
1 KB 45ms
30ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Scada

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24f9f738d7dfc72a5d156f1d0f255ff3cfeba564708dc8cfbc0c20e929cc5c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Dec 2020 20:17:32 GMT
server: ESF
date: Sun, 20 Dec 2020 20:17:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Dec 2020 20:17:32 GMT

GET
H2 200 5fb646e79d8d94-96702068.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 11 KB
12 KB 98ms
95ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/5fb646e79d8d94-96702068.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

08e24203faefd371ec6a5cc290fa676a3ac558f20b4b45f0e21196ea3a8b5162

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5fb646e79d8d94-96702068.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-11-20T09:59:38.115Z;desc=hit,rtt;dur=1
content-length: 11768
last-modified: Thu, 19 Nov 2020 19:37:37 GMT
server: Cloudinary
etag: "91be45768c529215b40725adcb062c7e"
vary: Accept
x-hw: 1608495452.cds053.sk1.hn,1608495452.cds049.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c880b053706800a9676c62fd28b4323c.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 15 KB
15 KB 170ms
170ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/c880b053706800a9676c62fd28b4323c.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4ae6fadc73877dabecc11d3d53f3e1ce41cb0aa533472404d7bd024890e6e7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 20:17:33 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="c880b053706800a9676c62fd28b4323c.webp"
server-timing: fastly;dur=462;cpu=0;start=2020-11-17T19:45:22.053Z;desc=miss,rtt;dur=0,cloudinary;dur=55;start=2020-11-17T19:45:22.407Z
content-length: 15352
last-modified: Tue, 10 Nov 2020 17:41:28 GMT
server: Cloudinary
etag: "02da6946f8a02c385de584df45176505"
vary: Accept
x-hw: 1608495453.cds053.sk1.hn,1608495453.cds049.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v35/ 12 KB
12 KB 6ms
6ms Font
font/woff 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v35/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Scada

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 22:14:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 19:17:24 GMT
server: sffe
age: 511374
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12672
x-xss-protection: 0
expires: Tue, 14 Dec 2021 22:14:38 GMT

GET
H3-Q050 200 RLpxK5Pv5qumeVJvzTQKbVvu.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLpxK5Pv5qumeVJvzTQKbVvu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Scada

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

788a08bf62ef367edb51976a66fd9c5abc5ad55f4fa1ac66d3abde2ac76da67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 19 Dec 2020 00:22:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:20:39 GMT
server: sffe
age: 158125
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8984
x-xss-protection: 0
expires: Sun, 19 Dec 2021 00:22:07 GMT

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
196 B 260ms
89ms XHR
text/html 18.202.41.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=392d0456d40b7aea6d63f84b940c132cd6bb9b4a&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Sun, 20 Dec 2020 20:17:33 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
197 B 239ms
88ms XHR
text/html 18.202.41.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.41.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://beforeitsnews.com
date: Sun, 20 Dec 2020 20:17:33 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22Pz5F.VsHR%22%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1608495449672%7D%2C%22C720412%22%3A%7B%22page%22%3A1%2C%22time%22%3A1608495449703%7D%7D
.beforeitsnews.com/	1970-01-19 14:48:15	Name: _gat_gtag_UA_16055024_1 Value: 1
.beforeitsnews.com/	1970-01-19 14:49:41	Name: _gid Value: GA1.2.810859892.1608495449
beforeitsnews.com/	1970-01-20 14:48:15	Name: b4in-uuid Value: 4efd4f37-0505-47d5-a4c5-89732c4d8aa0
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s2
.beforeitsnews.com/	1970-01-20 08:19:27	Name: _ga Value: GA1.2.1311208604.1608495449
.beforeitsnews.com/	1970-01-19 15:31:27	Name: __cfduid Value: db60e75ff07b459ba5b86a1b7394a85471608495448

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://beforeitsnews.com/(Line 494) Message: [Web Cached] Loaded time: 0.00291s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020112020(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020112020(Line 1) Message: [object HTMLImageElement]
console-api	info	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20201116.js(Line 39) Message: adsVideosRotating: id23 views: 1,771.9k
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ams.creativecdn.com
beforeitsnews.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.mgid.com
cdn.onesignal.com
cdn.revcontent.com
cdn2.lockerdomecdn.com
cf.girlsaskguys.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gellerreport.com
herbanomics.postaffiliatepro.com
i.imgflip.com
i.ytimg.com
iili.io
images.fineartamerica.com
images.revcontent.com
img.theepochtimes.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
l.sharethis.com
lockerdome.com
m.thebl.com
match.adsrvr.org
media.townhall.com
media0.giphy.com
pagead2.googlesyndication.com
platform-api.sharethis.com
pterosaurheresies.files.wordpress.com
px.adhigh.net
rddywd.com
s-img.mgid.com
s.w.org
s3.amazonaws.com
secure-assets.rubiconproject.com
servicer.mgid.com
stateofthenation.co
static-3.bitchute.com
stats.g.doubleclick.net
sync.go.sonobi.com
tntrafficticket.us
translate.google.com
translate.googleapis.com
trends.revcontent.com
upload.wikimedia.org
www.dancebase.co.uk
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.jetnation.com
www.morningstar.ng
www.naturalblaze.com
www.rumormillnews.com
www.stripes.com
www.youtube.com
x.bidswitch.net
104.154.142.214
104.16.221.74
104.18.64.15
104.19.132.78
104.19.216.61
151.101.14.2
151.139.128.11
151.139.242.29
168.62.40.228
172.217.22.66
178.162.133.149
18.194.149.70
18.202.41.158
185.184.8.30
185.59.220.193
192.0.72.28
192.0.77.48
192.124.249.17
192.124.249.6
193.232.148.160
204.13.239.203
205.185.216.42
213.138.111.133
23.37.42.132
2600:9000:2070:7800:1c:8a07:5e80:93a1
2600:9000:2093:4000:d:8a0c:6440:93a1
2600:9000:21c7:200:c:abe:f440:93a1
2600:9000:2204:1e00:c:a9b7:ddc0:93a1
2606:4700:10::ac43:e6e
2606:4700:20::ac43:4728
2606:4700:3032::681b:80dd
2606:4700:3033::681b:8fb8
2606:4700:3034::681c:1cf1
2606:4700:3036::681b:95d9
2606:4700:3036::ac43:9f4c
2606:4700::6812:e134
2620:0:862:ed1a::2:b
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:814::2004
2a00:1450:4001:815::200a
2a00:1450:4001:815::200e
2a00:1450:4001:817::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:820::200a
2a00:1450:4001:821::2016
2a00:1450:4001:824::2004
2a00:1450:4001:825::2002
2a00:1450:400c:c06::9c
35.157.252.59
35.226.130.62
45.33.2.97
45.79.195.246
52.216.16.179
54.216.123.169
81.19.215.5
021deaf90ebdbb1fb73e91354e4f5727bf014b87efc23f2f4005f8dc08ca0949
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
068cfc47e4df1a96edc34feae19e7038274de7b1cafc9f733d72627d22471822
076a94b81494d3391aef8d653126cf909d60999aec689ee2a1b4c048d042948a
08e24203faefd371ec6a5cc290fa676a3ac558f20b4b45f0e21196ea3a8b5162
0d20a1591dde0743e137347b77f33c79b3584572ea652a6fc646888126b11279
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
10d64deb33acf97c1cbe01c76e6f4cdc68b74314857d16cd14e48efc07ba1c68
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
18f19bd3e00fe8248d8c715e257c2ceab27f19092344b6a16d6f0636cad76131
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
202592cabd88a9b1b38ecae8c933a78f9f39355ffc9b2f24aadd13eda9518a2a
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
217e9091d2fdc535b6bd04ca61b1758b51088f194076f39c6693d4b3aa37dd83
24f9f738d7dfc72a5d156f1d0f255ff3cfeba564708dc8cfbc0c20e929cc5c63
2a6e86570464befe62f0ad86019c338114068721e30b377cad095eeef4792522
2b7929406c9755bddeee14792c5bc628ed511e22c49aa54d43181307ca7bed67
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2d6a0749dbb73160c55a10dc21e19938801bf0de055951aced9ef81e0be74fb5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
30bfc868243575bd7a29d4f8d36a453b5570f2e8792f1ba989fee23ee04ab890
30f0e80aa16c0703f0454dbf4b88664fd7fac80466a92f455559c77b57f80f4c
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3294edd61742f6999c2213e052f5f42b0dd238a09302160e0a46d38eabe0d9a3
33848ec15971b15bb25dd1e42dd1abcfb0b521c8c1363e5ffd5da7804a38ccb0
35a82ddaf03e843fc4768f9bce9fb256510d791d9dadac092442f284ffb8caf3
36fe45df416d7f6e22dcb693f50939a972ee5f50bfb0170e9b83a6415471712f
3d1fa5d5a2c91f3efe1433cb5debe6268a56c9f1a4b60d841393b509a30cf45b
3db952fba727a392d87f18ad9028754c8b9fd2e206e3330eaf763615432fd3ee
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
42ad5e7034d51439f53541b9f772f5e4ef07b085f1e5cdc381b01872a02d131f
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
44b7cddb2ec0a1c841d8e1fa306ba61194864db42ac45b53ce2728e16136c40c
47f5b2ba7dc4b1d498cf2f83bb1df236323a984a0d58e7a38e19951e39bd176f
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
4ae6fadc73877dabecc11d3d53f3e1ce41cb0aa533472404d7bd024890e6e7b5
4b8d83e7decc8feec96194f003cd69da6f694aefcf0eed0b01522d46dcb89099
4bb0649166a5575c83f03ea06978efc661b48b66a9706c10be152939253cfdbd
4c50101c34398597ac1ea3e5358ea9e1d801807b0317b4363252bd95193614ca
4e2207c38919b05b8578851d7ff15fc178de9efcda7f94950c70610c8d06c4b2
52bcbc75a56327b3391fb00b5a2769614044e06ea3628c651586b2159652cdc5
544b6143f0f3e268c98bc912bef093875321be1cc12116e54929cfef86ad7bea
5abd1fc8bb2f006078e2cd79cabd76eeb26b4c6c9335fa27ab6c9aaa223fb178
5b3bfe799da558857b11d4b32be4aa2ab97c5c7023630d4223846c825a551c53
5cadb2efa411cb626f434491a682fc63a4ff7a8f621521bd0531494e76eed873
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
616f3c5387758aff936d47c41a8ef8cc07b400b64b3d3e5d07634b2e31de4773
639bbdccf8f434f55586e2ec4a2956ebf9ec7a046d46341f72ee779f1760488d
6566bdeb0f8c591832702768ab4ad31fc960f2f0a9b9dbb76cb94e411156fdb9
6577682a5529ae8edd2fde1f3e5c68ef89277a0f12d47c413d10b7d8052621dc
670dafc78bf28e92c618b32088cb7398f402bbf4f7135e224532fd391848f5c2
6a913174f23ae7ddee498f45566d9ebb0544343afe5d486bb3f7f6ce6eaa6d49
6b6e3ebaf6239b54e5814a5f4d16adecd07cd73642d10f9f5cf7190ae9b9c3d2
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
6c6c9cba488a916983d814fde518217ea8b6ed7d286f6c48d262108e72f814f3
6d3fded1f2cf2fb3e7347408392b688efc920047702435afc9d17244e802496f
6df1457515a690c33717b2eca10548b3fbe947e30b05365471a2d04ba64273af
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
7183658fcfd17c30c370bc1cc7a8ca0cf708e79883f06273b10a4c266ebb66df
72c8257271d5ac677ab2c9ff8a29220a7128c639b73db95db9cf3ad03ef96f7c
787a94617c4a8b88d9f0a92e0eac8fed28c7d35f296028a550725464aee28539
788a08bf62ef367edb51976a66fd9c5abc5ad55f4fa1ac66d3abde2ac76da67e
7965c26cebd0d53bf6221be5b8ac482fc7cf532c099fee646afa5b6afc07ce51
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
79ea20c2453d614642047c888d9a9abe70f74839a3ab9f6f3450441f0d6d9042
7ba3b956d2451a7dbd3bcb576840e205a226067da7bd7b6c709fa07137d9bced
7eb9890c6dc36dac5de03c9324d0d43cc3cd7bbf84677cb0d4756cf2bf04121c
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7ffb67ad8dc98a3891ae39f32c274b98e9b9ce7e96c1cb99468c16119b82d02e
81ef4e25e521f81d0efd5d1dd5885a1e4e39b1b9974bdc3117d7a9dbc1133e84
8286ea3b6cc5ae49e5a9f5c3f76cdcfb6433e338f85a03cfd9a0bbbd914a82f2
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
83980d2c6be63121ae377e3315c6bdc744309de315d43983dbadf8bd611b4a28
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
864af76ad523736a2f3966f74b8a53e43375d6112bc7a2594d505a2346ae8bf5
869f59c636c830291e34258562dd42f73c35334e267037c93770001d61f78a49
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87f59e3c5be59bfece610b46176dd43b441660a01d5225f98e94c287b30e39c0
8e6c6a5c70ffde44ad2cbab9dc28e907ed1ce5256a039de859acc0b143d77859
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
904df826ac2b2bc80617fe91ac632a4aaea6c2ebccf269bf87f355deb39d870e
911a95b5ebc85069d70b49165bbb081f87277d48f598648e9f3f57a576ce0d59
914aaf00570039622940a10c515c390e0bdb29e14a4cb1e3c3598cca05e8ead2
91deab5909098b75940723c849ddf4e06246f29be63c12862b741e23fa82470b
95bb6c27d9aa0cf2a04f1cef53d7e76848cbf984eb51802b7280809c420ffb53
9717f3593f6430313f4dea2f062410dfcba266815e06a3526dde931497295f73
9ab8d3ab886ebd79b8127eb85c077b40f7c5e92fb28da6526aa421188910c793
9f9efff5970b479d5a02f300e10b15f5529c38c10a19906a1ac900484581f30e
a1c5ca09f2fe63aa454e4f33337f32024dd0191adfe2316321aca763d9b12267
a30390ed3206a8f05a65b99556f6f732dac17ee26ef5a774f6d10980bd25a985
a54585280d1028d7638386af088652705a69740d5a8f296eafc7f98ba8554c3d
a7076ae1f2fdb36099390661d9b82ff46cb3b4256bd3f31160f959f2e87e425b
a855d275afd3638c7d7d62e6b27285a2534fc64d07529fc20e4ff4ca15fba21b
a8a4acaab8f3d266a9544ed317d780e3c5f4567692806f0450ea30ca8a17862e
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
a9b1dac4640ae24465170fdc8a89216f09922c0ec41e9dc668c4d7d5d0650359
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
abe20d0d93c6b8e49e75dcc575d4e7acb994a7b382077ecfa5eb363002fe9fca
af030f5110b979cdb6088e157af646ed84fb48843cdf9003b5cbd652fca89f4b
b1d10f374a222e7a7d724948597eac631b69416251cbad0396610788157a10b6
b22fc6d703979388d59088e1c24a7ca8e3047e75191119a95f7598a73abe072d
b989b0a6c065a5c25053eec3f2528cd8dab878f8110b0b2183fc459caee6336e
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bd1436643629fb6f27921499d2146a33c10c4f64e13059debc2f76d15e2a971b
bd2a129f29805ca234b0c8374aec9b74a9795d1a0d1c3335bf42041839e843aa
bd54d4a7921368bbd3e05cf10723d022ba0835e9803c58d7f52d5ecf75c27422
bf53baa29daf3ca6c8b68724293091277b58cf96f108f67cf019327b256863b6
c16b67bdb7638f2c64b187a01987f29c76ff9c66711a632f800a1efdfa6fc0f4
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
c45b1eec80e5b5d7f5db645c857a91d38160f5985214f5c0f0662236c4e5a513
c5213080107079508d6ec845ffafacd4667e4afd0fa3743905fa5d58b23adf89
c7713f7108560b28c40f0e7fcd50f5ce1ffe3db8ab45724c79efa0c56c03ce07
c7a2c052f383509ac9ec9da7f34cccc4c1d35040799426588c54a0d83cd9628f
ca6c4dae8dc680a4595921bae7b66ab8bede58bee181a639464d14d1e780ddf5
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb3c8e6d8177ed58739c0338a0de6acb391d0f0a857f0a351a99482061137455
cc978d7cff4041a0b65fec9630e7ae4ac16a140c47930c46406dfba20d32f690
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7b9414519d200832e0c5f940f107ddb8ae3815a0e38f9ab829daa612b719aa
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0c4a0905128c55af84ba63f373a41f557f2543aedb8d7ae426d129b96dfd174
d1ad2e69f7c7ccca553946ca3ce67e4249ad4315d7341136f1fdb6559d33e7f7
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
dc6e1b8131c07cdfaed4ee217aa32ca0e0b991a22132380f547f00af45cf49d1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e11856b669d80ade06681b95ec9d41db8534aeeb3ea8065652976e2bc047f2f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4c604a41fcbff202d58a5849f90896ce094a515b46afd1133442ad96dd7f2c3
e80051a222c17f6e0ef65e14e863278c0b1167c03e3715e81c67385600aa83b4
ea54ee23191f7f09b213ea87e149b4c52082f0f68dafe5a48f200a829f55da48
ed0549c6c4d11bd4fa70f8bfc652dda717a3c172d5feb72b25c96d1e350832e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff11b862f4349b2473385aa90d66e0ac6d3be33f4c288a42715e351a6d72186
f1757be70e528aef621f4ab0c6a59588aafbc48452270d3b62847ee949f391d7
f4916adfebd1959a0ce2e6096d68af2ec3eadf4e7157fb2a5c265c16605e9eee
f58900c46838dd616dac2002cb511eac3c10753adc10a855073c883e0785f81c
fab3d4e67f3f1725b7cd2d196dc1c9d4a87ef8b2f7c42884878e66f549426df3
fad8c9f03c024d5b95c3503270dad839a5b3805c8f6cc32e013feb29890e31e9
fb3510b827835b851396cd05695713efff68826162ca27a73298fb29ee46a1f0
fb60bec727121d5594d984f8313dc70aac2ba35e977d9db9030e2402c3515a27
fd7dc2b9d1e9e9562ceb6ff721a7ff6a07fe97816074bc58ce14ce16a61aaf07
ff943bf582a2b6018789b174549a271cec3f8e9eca1a0375452bc9f32d38e140

beforeitsnews.com Open in urlscan Pro 2606:4700:10::ac43:e6e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

98 %HTTPS

49 %IPv6

52 Domains

68 Subdomains

57 IPs

8 Countries

45529 kBTransfer

46815 kBSize

7 Cookies

36 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::ac43:e6e Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

98 %
HTTPS

49 %
IPv6

52
Domains

68
Subdomains

57
IPs

8
Countries

45529 kB
Transfer

46815 kB
Size

7
Cookies

183 HTTP transactions
3 data transactions