beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On December 05 via manual (December 5th 2021, 11:09:23 pm UTC) from US — Scanned from DE

Summary HTTP 232 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 55 IPs in 11 countries across 49 domains to perform 232 HTTP transactions. The main IP is 2606:4700:10::6816:4b8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 45	2606:4700:10:... 2606:4700:10::6816:4b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.189.65 13.224.189.65	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
22	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:4e23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
9	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
12	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.102.176.152 34.102.176.152	15169 (GOOGLE) (GOOGLE)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
7	89.187.169.15 89.187.169.15	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700:303... 2606:4700:3036::6815:eb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::6815:f08	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	194.36.140.95 194.36.140.95	50939 (SPACE-AS) (SPACE-AS)
1	2606:4700:303... 2606:4700:3036::6815:2d1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.124.249.15 192.124.249.15	30148 (SUCURI-SEC) (SUCURI-SEC)
1	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
1	172.67.29.158 172.67.29.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	209.58.165.79 209.58.165.79	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
9	13.225.87.101 13.225.87.101	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:21f... 2600:9000:21f3:400:18:9413:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
3	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:40f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
19	2600:9000:20e... 2600:9000:20eb:8400:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	169.55.146.12 169.55.146.12	36351 (SOFTLAYER) (SOFTLAYER)
5	2606:4700:20:... 2606:4700:20::681a:623	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:8303	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	69.30.243.170 69.30.243.170	32097 (WII) (WII)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:df1:800:... 2001:df1:800:a00a:5::2	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	185.86.137.107 185.86.137.107	201081 (SMARTADSE...) (SMARTADSERVER)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5 5	3.124.200.54 3.124.200.54	16509 (AMAZON-02) (AMAZON-02)
3 4	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 2	54.76.172.32 54.76.172.32	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	188.34.152.202 188.34.152.202	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
232	55

45 2606:4700:10::6816:4b8a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-65.fra2.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:4e23 (United States)

ASN13335 (CLOUDFLARENET, US)

calabeshes.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.255.14 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.176.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-632.bunnyinfra.net

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:eb9 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:f08 (United States)

ASN13335 (CLOUDFLARENET, US)

settingbrushfires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.36.140.95 (Romania)

ASN50939 (SPACE-AS, RO)
PTR: core1.spatiul.ro

gn-journal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:2d1e (United States)

ASN13335 (CLOUDFLARENET, US)

thewashingtonstandard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.15 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10015.sucuri.net

themobmuseum.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

justusaknight.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.29.158 (United States)

ASN13335 (CLOUDFLARENET, US)

files.thehandbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.58.165.79 (Sydney, Australia)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: opal2.opalstack.com

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.225.87.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-101.fra2.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:400:18:9413:7780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:40f1 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4a8a (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:20eb:8400:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.55.146.12 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c.92.37a9.ip4.static.sl-reverse.com

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:623 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:8303 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.30.243.170 (United States)

ASN32097 (WII, US)

zbbb278hfll091.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df1:800:a00a:5::2 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.107 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.124.200.54 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-200-54.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.172.32 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-172-32.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.34.152.202 (Tann, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.202.152.34.188.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	beforeitsnews.com 1 redirects beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com a1.beforeitsnews.com	814 KB
29	tradingview.com s3.tradingview.com s.tradingview.com s3-symbol-logo.tradingview.com	265 KB
28	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	344 KB
15	bitchute.com static-3.bitchute.com www.bitchute.com zbbb278hfll091.bitchute.com	241 KB
12	imgflip.com i.imgflip.com	763 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net stats.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	41 KB
9	youtube.com www.youtube.com	705 KB
9	rmbl.ws sp.rmbl.ws	751 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	82 KB
7	googleapis.com fonts.googleapis.com www.googleapis.com translate.googleapis.com translate-pa.googleapis.com	87 KB
6	google-analytics.com www.google-analytics.com	59 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	11 KB
5	onesignal.com cdn.onesignal.com onesignal.com	83 KB
5	google.com translate.google.com www.google.com	41 KB
4	customads.co 1 redirects cdn2.customads.co customads.co	6 KB
3	cloudflare.com cdnjs.cloudflare.com	74 KB
3	rumble.com rumble.com	32 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	755 B
2	360yield.com 2 redirects ad.360yield.com	614 B
2	1rx.io 2 redirects sync.1rx.io	743 B
2	unrulymedia.com 1 redirects usermatch.targeting.unrulymedia.com sync.targeting.unrulymedia.com	614 B
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	e-volution.ai 2 redirects sync.e-volution.ai	918 B
2	google.de www.google.de	564 B
2	rddywd.com rddywd.com	1 KB
2	tapnewswire.com tapnewswire.com	22 KB
2	settingbrushfires.com settingbrushfires.com	2 MB
2	wp.com i2.wp.com i0.wp.com	226 KB
2	wixstatic.com static.wixstatic.com	182 KB
2	googletagmanager.com www.googletagmanager.com	71 KB
2	ytimg.com i.ytimg.com	20 KB
1	splicky.com 1 redirects bidswitch-eu.splicky.com	218 B
1	lentainform.com cm.lentainform.com	495 B
1	zeotap.com mwzeom.zeotap.com	456 B
1	idealmedia.io cm.idealmedia.io	412 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	347 B
1	adtelligent.com s.adtelligent.com sync.adtelligent.com Failed	885 B
1	plyr.io cdn.plyr.io	3 KB
1	ggpht.com yt3.ggpht.com	1 KB
1	googlesyndication.com pagead2.googlesyndication.com	51 KB
1	thehandbook.com files.thehandbook.com	93 KB
1	wordpress.com justusaknight.files.wordpress.com	739 KB
1	themobmuseum.org themobmuseum.org	69 KB
1	thewashingtonstandard.com thewashingtonstandard.com	34 KB
1	gn-journal.com gn-journal.com	97 KB
1	jamesredpillsamerica.com jamesredpillsamerica.com	847 KB
1	calabeshes.xyz calabeshes.xyz	42 KB
232	49

	Domain	Requested by
31	beforeitsnews.com	1 redirects beforeitsnews.com
19	s3-symbol-logo.tradingview.com
14	img.beforeitsnews.com	beforeitsnews.com
12	i.imgflip.com	beforeitsnews.com
9	www.youtube.com	www.youtube.com
9	s.tradingview.com	s3.tradingview.com s.tradingview.com
9	sp.rmbl.ws	beforeitsnews.com rumble.com
8	cm.mgid.com	jsc.mgid.com
7	static-3.bitchute.com	beforeitsnews.com www.bitchute.com
6	s-img.mgid.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rumble.com
6	jsc.mgid.com	beforeitsnews.com jsc.mgid.com
5	x.bidswitch.net	5 redirects
5	www.bitchute.com	beforeitsnews.com www.bitchute.com
4	cdn.mgid.com	jsc.mgid.com
4	www.gstatic.com	translate.googleapis.com www.youtube.com www.gstatic.com
4	translate.googleapis.com	translate.googleapis.com
4	www.google.com	www.youtube.com
4	stats.g.doubleclick.net	www.google-analytics.com customads.co
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	zbbb278hfll091.bitchute.com	www.bitchute.com
3	cdnjs.cloudflare.com	www.bitchute.com
3	servicer.mgid.com	jsc.mgid.com
3	rumble.com	beforeitsnews.com rumble.com
3	onesignal.com	cdn.onesignal.com
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
3	customads.co	beforeitsnews.com cdn2.customads.co
2	rtb-usw.mfadsrvr.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ad.360yield.com	2 redirects
2	sync.1rx.io	2 redirects
2	match.adsrvr.org	2 redirects
2	creativecdn.com	2 redirects
2	sync.e-volution.ai	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	www.google.de
2	rddywd.com	beforeitsnews.com
2	tapnewswire.com	beforeitsnews.com
2	settingbrushfires.com	beforeitsnews.com
2	static.wixstatic.com	beforeitsnews.com
2	www.googletagmanager.com	beforeitsnews.com s.tradingview.com
2	i.ytimg.com	beforeitsnews.com www.youtube.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	bidswitch-eu.splicky.com	1 redirects
1	sync.targeting.unrulymedia.com
1	usermatch.targeting.unrulymedia.com	1 redirects
1	cm.lentainform.com
1	mwzeom.zeotap.com
1	cm.idealmedia.io
1	pixel.rubiconproject.com
1	ssbsync.smartadserver.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.plyr.io	cdnjs.cloudflare.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	c.mgid.com	jsc.mgid.com
1	translate-pa.googleapis.com	srcdoc
1	a1.beforeitsnews.com	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	cdn2.customads.co	1 redirects
1	i0.wp.com	beforeitsnews.com
1	files.thehandbook.com	beforeitsnews.com
1	justusaknight.files.wordpress.com	beforeitsnews.com
1	themobmuseum.org	beforeitsnews.com
1	thewashingtonstandard.com	beforeitsnews.com
1	gn-journal.com	beforeitsnews.com
1	jamesredpillsamerica.com	beforeitsnews.com
1	i2.wp.com	beforeitsnews.com
1	calabeshes.xyz	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
0	sync.adtelligent.com Failed	s.adtelligent.com
232	77

This site contains links to these domains. Also see Links.

Domain
www.herbanomics.com
www.tradingview.com
t.me
mitocopper.com
hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net
widgets.mgid.com
www.mgid.com
brainberries.co
www.herbanomic.com
www.fincabayano.net
www.braintuner.com
herbeauty.co
telegram.org
feff9ztmoi36r402y32b01xx44.hop.clickbank.net
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net
8216126iklx2n488hihvlxt-u2.hop.clickbank.net
tinyurl.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.tradingview.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sp.rmbl.ws R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-27` - `2022-05-26`	6 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
static-3.bitchute.com R3	`2021-11-17` - `2022-02-15`	3 months	crt.sh
gn-journal.com cPanel, Inc. Certification Authority	`2021-12-04` - `2022-03-04`	3 months	crt.sh
themobmuseum.org Go Daddy Secure Certificate Authority - G2	`2021-07-20` - `2022-08-19`	a year	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-21` - `2022-01-21`	a year	crt.sh
tapnewswire.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
customads.co GTS CA 1D4	`2021-10-29` - `2022-01-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-11` - `2022-12-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.bitchute.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-01` - `2022-03-01`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-12-03` - `2022-03-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 27C45FF776FF93D7E1E7F4AF3B2045BA
Requests: 146 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: E40D7510AD2FE8CBAF5E80313426188E
Requests: 30 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202111523
Frame ID: BD5CE6E32B4AB3F6509D9FDA116F5689
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Frame ID: 853B7454D71FFB29CA14B79D49872313
Requests: 1 HTTP requests in this frame

Frame: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 2F2075885E95901974A2FFE96EABFF3A
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 37864E4A83C726FC76FF4C2C2BA56507
Requests: 2 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 2A1B6A2571CE6788A7234706C0CF541B
Requests: 1 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback
Frame ID: E985836EBA856484E45B032AD7C549A4
Requests: 1 HTTP requests in this frame

Frame: https://rumble.com/embed/vnmfwb/?pub=p1k0f
Frame ID: 299C0D3AC198532839791D8A1370AF19
Requests: 11 HTTP requests in this frame

Frame: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
Frame ID: 3D967D95078514F273BF4138364E8A85
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Kxdadyu1_S8
Frame ID: D05023B40ECDBF8BE20B592156DA56EF
Requests: 18 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1638745757726817307762
Frame ID: DD26C72257A8BF632AB2CC5831CAA2D1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: D840E3202824B572D8FC59BBB7DAE5D8
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: FF5BAC7A1393608FD5C383F0B7E3B659
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Page URL History Show full URLs

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Page Statistics

232
Requests

95 %
HTTPS

49 %
IPv6

49
Domains

77
Subdomains

55
IPs

11
Countries

8820 kB
Transfer

14208 kB
Size

38
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNewsGroup
Title: CHAT/CONTRIBUTE ON TELEGRAM - https://t.me/BeforeitsNewsGroup

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/certified-organic-biotin/
Title: This is the Organic Biotin That Gives Beautiful Hair, Strong Nails and an Amazing Complexion!

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/lions-mane-whole-mind-nootropic-blend

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/
Title: Protection Against Toxic EMF Damage - Smart Meter Covers

Search URL Search Domain Scan URL

URL: https://hop.clickbank.net/?vendor=javaburn&affiliate=5startech&lid=1&tid=RTL110921
Title: The World’s Only Natural Proprietary, Patent-Pending Formula, That When Combined with Coffee, Can Increase Both the Speed and Efficiency of Your Metabolism While Instantly Boosting Your Health, Energy and Well-Being

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: FOLLOW BEFORE IT'S NEWS ON TELEGRAM - https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://0d1bc30khn8aj8baofa0ob1zic.hop.clickbank.net/?tid=BINPBL101021

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://brainberries.co/gadgets-and-science/6-inventions-and-theories-made-by-women-but-credited-to-men/

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex
Title: Experience Vitality - Directly From Nature - Humic & Fulvic Trace Minerals Complex

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/9-bizarre-underwater-discoveries/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/8-once-loved-celebs-who-are-now-hated/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/8-signs-your-ex-will-eventually-come-back/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/lifestyle/6-lies-you-should-stop-telling-yourself/

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://feff9ztmoi36r402y32b01xx44.hop.clickbank.net/?tid=BINRTL1
Title: "I Killed Bruce Lee with the Death Touch" - Caution: Don't Use it Unless Your Life is in DANGER!

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/vars-liposomal-glutathione-mint-burst/
Title: THIS is Why Glutathione is Called the Miracle Molecule for Health and Anti-Aging! (VIDEO)

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: Learn The Secret To Manifesting Anything You Desire In Life - It's Easier Than You Think

Search URL Search Domain Scan URL

URL: https://8216126iklx2n488hihvlxt-u2.hop.clickbank.net/?tid=BINRTL92321
Title: Discover the Simple 3 DIGIT MANIFESTATION CODE for Unlocking the Door to Outrageous Wealth And Abundance in the Next 24 Hours…

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/top-10-enemies-turned-friends-in-tv/

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Tiny Self Defense Tool Drops a 270 Thug In 2 Seconds Flat - Get Yours While Supplies Last

Search URL Search Domain Scan URL

URL: https://t.me/herbonomics
Title: We at HerbAnomic Hope to Empower Our Customers Through Knowledge & Good Health - Follow Us on TELEGRAM

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beforeitsnews.com/ HTTP 301
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://cdn2.customads.co/_js/ajs.js HTTP 301
https://customads.co/_js/ajs.js

Request Chain 186

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 206

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 208

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lb5hhY3TGj9f HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=4782808940372913559&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 211

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=GtfWozC9VYFZzFW9M2SU&pi=mgid&tc=1

Request Chain 213

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=c5f2aaff-6d81-4460-81ab-4f504e9339d0&ttl=1641337758

Request Chain 214

https://x.bidswitch.net/sync?dsp_id=303&user_id=lb5hhY3TGj9f HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lb5hhY3TGj9f HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b?zcc=1&dspret=0&cb=1638745758582 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1bccac77-b9fa-4cb4-a585-504f2d9c6af8-003

Request Chain 215

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=022f63cf-f8d3-4785-be95-01a9df67f772

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGI1aGhZM1RHajlm&muidn=lb5hhY3TGj9f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGI1aGhZM1RHajlm&muidn=lb5hhY3TGj9f&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=lb5hhY3TGj9f&google_ula={guid},5&google_gid=CAESEAKjF5BSi4n6dc1bS0IoUdU&google_cver=1

Request Chain 217

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 218

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=100de510-ebb2-4a45-946f-7507fe6a7a48

232 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

http://beforeitsnews.com/
https://beforeitsnews.com/

121 KB
25 KB

721ms
680ms

Document
text/html

2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03352225812236982c64d3e18c27cd9b838518fe92761f4b0f5899a689ef9399

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6b90f0ec2c9e83ac-MXP
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 05 Dec 2021 23:09:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Dec 2021 00:09:15 GMT
Location: https://beforeitsnews.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b90f0ebb8835b4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 _KRSshvvWcFjj8eVhUL7TTu75W0.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 61ms
59ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 237850
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: E39J674H0Y5QDK4D
x-amz-id-2: wKG42XmEucUtvn8t2LCmeD9hRqWZtvSJKdK+4Lp22lyq91RTzmSWVnrdkSQ+krZIE9yhsCWCsmg=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7f176f4cc71059e93db3ae6263ce5c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iruw_GjpCNwc.7p7jDS427AkLHWsll2i
cf-ray: 6b90f0f0a95683ac-MXP

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 23:09:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 23:09:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 23:09:16 GMT

GET
H2 200 global-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 15 KB
4 KB 47ms
45ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 237850
cf-polished: origSize=15789
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-3dad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f0a95c83ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 fancybox-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 52ms
51ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1683103
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f0a95e83ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 home-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 28 KB
7 KB 46ms
44ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 231270
cf-polished: origSize=29134
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-71ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f0a96083ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:34:13 GMT

GET
H2 200 responsive-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 20 KB
4 KB 61ms
60ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1683103
cf-polished: origSize=20565
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-5055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f0a96283ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 web-responsive-bin-rev-20211116.css
beforeitsnews.com/static/css-v3/ 371 B
276 B 42ms
41ms Stylesheet
text/css 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-20211116.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1683103
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:33:00 GMT
server: cloudflare
etag: W/"619396ec-173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f0a96383ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
57 KB 40ms
39ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 237850
cf-polished: origSize=149701
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f0a96583ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 21 Nov 2021 14:21:42 GMT

GET
H2 200 global-bin-rev-20211116.js Show response
beforeitsnews.com/static/js-v3/ 12 KB
4 KB 62ms
61ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20211116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 237850
cf-polished: origSize=12613
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:32:22 GMT
server: cloudflare
etag: W/"619396c6-3145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f0a96783ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Mon, 29 Nov 2021 19:41:11 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 47ms
37ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 3988369
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 20 Oct 2022 18:47:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f12b3a83ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 47ms
9ms Script
text/javascript 13.224.189.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-65.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 10:32:27 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 10:32:21 GMT
server: AmazonS3
age: 45410
etag: "21900f307f22135fe5dafa6a070e7222"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10981
x-amz-cf-id: wlGTpCkJuThC1TjQilp0LKxlPxkedAti_cRqLYsLqy_U3vfK_rRrJA==

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 45ms
34ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 237959
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14030
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 02 Dec 2022 22:17:20 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f12b3983ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
690 B 44ms
34ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1140132
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 17:30:11 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f12b3b83ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/CbXxnt4CDP4/ 8 KB
9 KB 40ms
16ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/CbXxnt4CDP4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb276848f1747180c28532101148c4cdef1b525144ba50efacbeac334bcfa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8551
x-xss-protection: 0
server: sffe
etag: "1610764715"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Dec 2021 01:09:16 GMT

GET
H2 200 beforeitsnews.com.720413.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 53ms
24ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce04f323b56e0077f048d5374f6d216ffecf9194e0a0bd6adba77606e3d634

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 6918
last-modified: Thu, 25 Nov 2021 12:42:58 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Z4KED8073XZ1REV2
x-amz-id-2: 3jzlnOzMtigF2pfVlit5fJNHhpA7yb3TPyxrm59TNSOx6Av/kqXHxLAQd4UoLlxsBCeiIyVe8Xk=
cf-bgj: minify
server: cloudflare
etag: W/"38d52376015ec34e80d8e9a9fb1d1790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b90f0f13fb44e08-FRA
expires: Mon, 06 Dec 2021 02:09:16 GMT

GET
H2 200 beforeitsnews.com.720415.js Show response
jsc.mgid.com/b/e/ 2 KB
1 KB 45ms
17ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b857cfbe52d936d0824612351bb35505373cb156799bd45aec58330cf718b7a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 6715
last-modified: Thu, 25 Nov 2021 12:43:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: DK5B3GY5JV90YRMG
x-amz-id-2: Ehm7zSqILeKhqH/4p3imAsUb3OU3XhOLn/66B5pTTh1LaIQBFbI5t9Ba5D/hmmdz4q0s3kUhlDc=
cf-bgj: minify
server: cloudflare
etag: W/"c9a970d16aecbb12e7e6001692f3f7d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b90f0f13fb74e08-FRA
expires: Mon, 06 Dec 2021 02:09:16 GMT

GET
H3 200 tabs-bin-rev-20211116.js Show response
beforeitsnews.com/static/js-v3/ 148 B
729 B 41ms
41ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20211116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 237849
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:32:25 GMT
server: cloudflare
etag: W/"619396c9-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f1083059f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H2 200 12098 Show response
calabeshes.xyz/easylist/ 203 KB
42 KB 112ms
61ms Script
text/javascript 2606:4700:3035::6815:4e23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://calabeshes.xyz/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4e23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566a8cf5d3957a0de0f9375fb820d013e84d7c45c70f4b78633a9216fb06e149

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ffdbd5ba2e3fffcd6299f1ac23a07706410b83f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BcvuJ0SuSsF4FxJilwmhRODQVGx6XW39GYWzwJU0NUXXQ5XoupbadPpKMSX4Et2Oc7W2XE8SUrYquaVFsEBIC%2FRrYllnObj7LeRkLmFJOt%2Bm06LnggUP%2B5u%2FicpmPPcSrz7WljCs2xAaSxW7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 6b90f0f16b2459a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96a23deb7cdd1e1829b2d86f64fca928ae5eddf6eb7813f5b4c51c701f6d4a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36229
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Dec 2021 23:09:16 GMT

GET
H3 200 jsDeferParsing-bin-rev-20211116.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 51ms
51ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1683102
cf-polished: origSize=6188
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 11:32:24 GMT
server: cloudflare
etag: W/"619396c8-182c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f1185759f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 23 Nov 2021 11:33:33 GMT

GET
H3 200 DN2ljmq1lJUOI91HMatC4Qo4fdo.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 31ms
30ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/DN2ljmq1lJUOI91HMatC4Qo4fdo.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/_KRSshvvWcFjj8eVhUL7TTu75W0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 237849
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: KTFEJGKXS1YFXJ2S
x-amz-id-2: 3lAWH0VuUKtCZ2YqC39VQAYB5FAknAsSrxcaMyf3cUcMpj3tQ/y+VFy9FR/K0irIYkUn/KOSI/o=
last-modified: Fri, 04 Jun 2021 02:52:49 GMT
server: cloudflare
etag: W/"7a6e84d6417ab337f05fd7000f282762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: aBVNeaiVU3H7gys1mI2xPATDTQBfk7Cv
cf-ray: 6b90f0f1185c59f5-MXP

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
736 B 46ms
46ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 237849
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 100
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 20:12:42 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0f1185f59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 686 B
1 KB 43ms
43ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1140132
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 686
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 17:28:53 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0f1286f59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ 16 KB
16 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:06:38 GMT
x-content-type-options: nosniff
age: 417758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16364
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 03:06:38 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v9/ 15 KB
15 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 09:53:33 GMT
x-content-type-options: nosniff
age: 393343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15124
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:18:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 09:53:33 GMT

GET
H2 200 SRtOc.qR4e-small-SITUATION-UPDATE-12521.jpg
sp.rmbl.ws/s8/1/S/R/t/O/ 56 KB
56 KB 40ms
10ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/S/R/t/O/SRtOc.qR4e-small-SITUATION-UPDATE-12521.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 833d423b290e70d48aadfca6d92874ba0291c5b4381f48784e9b75da3a495bcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
last-modified: Sun, 05 Dec 2021 18:13:51 GMT
server: nginx
etag: "e4d514009d32054830bd514776343ae0"
x-hw: 1638745756.cds136.fr8.hn,1638745756.cds167.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=71130
accept-ranges: bytes
content-length: 57227

GET
H2 200 5wpe0k.jpg
i.imgflip.com/ 73 KB
73 KB 92ms
43ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5wpe0k.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3ae716d4a68a4fbfa3c701795becc587bbb0c6ada0286fc99fa726a2f5268fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 37005
cf-polished: origSize=75018
cf-ray: 6b90f0f1ca83edc7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74452
x-amz-id-2: Gq1Sz4ZW93MuQNVjdEf7+GMn08tR0g/7IniLM8PDTPftWr4jpXpyhvliyOXYSw77pD03NGgZSQQ=
last-modified: Sun, 05 Dec 2021 12:45:50 GMT
server: cloudflare
etag: "21a7929d689c9a0adb7f138ca3869b5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 99ZAMH8PTDRKQSJV
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 OIP%20(1)(90).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 12 KB
13 KB 95ms
94ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(90).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e535f97fe2b8929b51cf044fb4ff6a156d50308aa87096c52546db979190991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 224525
cf-polished: origSize=13542, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12535
last-modified: Mon, 13 Sep 2021 00:31:55 GMT
server: cloudflare
etag: "613e9bfb-34e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 02 Oct 2022 20:22:44 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1797259f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 YhcOc.qR4e-small-SITUATION-UPDATE-12421.jpg
sp.rmbl.ws/s8/1/Y/h/c/O/ 107 KB
107 KB 60ms
31ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/Y/h/c/O/YhcOc.qR4e-small-SITUATION-UPDATE-12421.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c01eec6198c03f1b01119afde4ae1eea53455dcc66c255933171f30a4aedb079

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
last-modified: Sat, 04 Dec 2021 19:55:41 GMT
server: nginx
etag: "e902b03d4cb2ca6141a86dcebb1ed3b4"
x-hw: 1638745756.cds136.fr8.hn,1638745756.cds229.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=76264
accept-ranges: bytes
content-length: 109324

GET
H2 200 5wpf2e.jpg
i.imgflip.com/ 71 KB
72 KB 78ms
29ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5wpf2e.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f455f6b8ef0acbf9a66b8e2ac50b5801c05ae9ec2ca74f0825696c771d5d6c58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 36092
cf-polished: origSize=73407
cf-ray: 6b90f0f1ca86edc7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73123
x-amz-id-2: x/SPqJbs4n8Rv8d4+YRkuPHN4IlRfEyOZyKSnkEnoi4LSo58l/h8YIy8RdZNwWnkOwJzPO1ca2A=
last-modified: Sun, 05 Dec 2021 13:00:10 GMT
server: cloudflare
etag: "47209b84402da451b627fe98e9a50004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 68N81THN7SEZCYHJ
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 5whdcs.jpg
i.imgflip.com/ 35 KB
35 KB 91ms
43ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5whdcs.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 244ff061991c518ec76060cc65d8155e30e8592a835ac2f17f08ab129a8014ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 210730
cf-polished: origSize=36677
cf-ray: 6b90f0f1ca88edc7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36073
x-amz-id-2: Aem8tD5mA15V/YvMTYOPge016n0BdbV3H2dyhxDlHJLJ/J7jTg+njsbnWebsBlZivsossPsaaNw=
last-modified: Fri, 03 Dec 2021 12:29:11 GMT
server: cloudflare
etag: "41fe0d021b82d127605fc1c68305fb79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 41PJN4NAVSC1RWT2
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 XOhOc.qR4e-small-12.4.21-DEM-regrets-JAB-reg.jpg
sp.rmbl.ws/s8/1/X/O/h/O/ 143 KB
144 KB 40ms
12ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/X/O/h/O/XOhOc.qR4e-small-12.4.21-DEM-regrets-JAB-reg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: b809ff5643e5c977caf5bcec6227dfcfb2fc2777f1372f3474df4d336e5868d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
last-modified: Sun, 05 Dec 2021 03:08:42 GMT
server: nginx
etag: "993d1ebadc538e2ea3d026c72e7886ae"
x-hw: 1638745756.cds136.fr8.hn,1638745756.cds041.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14813
accept-ranges: bytes
content-length: 146780

GET
H3 200 hqdefault(177).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 10 KB
11 KB 94ms
92ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/hqdefault(177).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd3b6ce4411c8cbbb668621aa4c93f279233372fcccd7516e3a228b161d95374

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 105661
cf-polished: origSize=10959, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10690
last-modified: Thu, 02 Jan 2020 11:03:48 GMT
server: cloudflare
etag: "5e0dce14-2acf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 29 Nov 2022 20:51:16 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1897759f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5tvv39.jpg
i.imgflip.com/ 43 KB
43 KB 90ms
43ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5tvv39.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b1e560b1a2ddae34bc52fe2a68984955e80df629f7a21c000f4f5f61d2fa09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 2052599
cf-polished: origSize=45161
cf-ray: 6b90f0f1ca89edc7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44125
x-amz-id-2: FqHAgEn8XcwvvHYL49IInEnFDwOd808FvPjj1mBIabwLXjMQedg80HmucQOW1lWPsnCvjytUK3k=
last-modified: Fri, 12 Nov 2021 04:47:58 GMT
server: cloudflare
etag: "e98d996dfb9d600ee488546fc12a9a8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BD27ANDWZH71K9FV
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 5wlwhf.jpg
i.imgflip.com/ 117 KB
118 KB 90ms
43ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5wlwhf.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfa28c2c88fd72b39193184310f6df13671b744b8878d05091bd7194cfe3f186

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 123663
cf-polished: origSize=120610
cf-ray: 6b90f0f1ca84edc7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 120133
x-amz-id-2: c8VIPsMNL4jOro/+oUNMoZtuvgDWmPX0leHoWqvaP/YxCjIrkX2IYCCU6bAFTh66nuN+9nnHTmw=
last-modified: Sat, 04 Dec 2021 12:37:21 GMT
server: cloudflare
etag: "b6abebfcfa249f3ec111f8868f11ca81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 8HJRVJX1ZB1QKV7D
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 b0a32e_859128d856fe41828787ce52da8e6b90~mv2.jpg
static.wixstatic.com/media/b0a32e_859128d856fe41828787ce52da8e6b90~mv2.jpg/v1/fit/w_2500,h_1330,al_c/ 111 KB
112 KB 55ms
23ms Image
image/jpeg 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/b0a32e_859128d856fe41828787ce52da8e6b90~mv2.jpg/v1/fit/w_2500,h_1330,al_c/b0a32e_859128d856fe41828787ce52da8e6b90~mv2.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: e629797e2cd0c2d6350e79713166f3f36a509991b69c92d79b6b10352a74a313

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 20:57:14 GMT
via: 1.1 google
server: openresty/1.19.9.1
age: 7922
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 21slmUFNku0NiQQFW4b9VCov6RD
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114022
x-seen-by: image-manipulator-55f9c7bc4c-pgpqx

GET
H2 200 Trump-babies-Cabal.png
i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/ 38 KB
39 KB 25ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png?w=640&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 05 Dec 2021 23:09:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 16:06:15 GMT
server: nginx
etag: "faf3481fc6687853"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://operationdisclosureofficial.com/wp-content/uploads/2021/01/Trump-babies-Cabal.png>; rel="canonical"
content-length: 39300
expires: Sun, 26 Feb 2023 04:06:15 GMT

GET
H2 200 HZT2I3U952vK_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 49 KB
50 KB 60ms
12ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/HZT2I3U952vK_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

792eac0229feb28394d8233755765505295a8455b03f04f01c0b9b79c23a7cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 12/05/2021 00:14:18
cdn-pullzone: 89010
content-length: 50229
x-amz-request-id: tx000000000000001a0c11c-0061abf64a-d18cecd-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Sat, 04 Dec 2021 23:01:20 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: dff505057816e88f2a21fe64652ead93
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 VuWNc.qR4e-small-LIVE-The-Stew-Peters-Show-M.jpg
sp.rmbl.ws/s8/1/V/u/W/N/ 103 KB
104 KB 31ms
30ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/V/u/W/N/VuWNc.qR4e-small-LIVE-The-Stew-Peters-Show-M.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 08ddeed32f8c88644905ddcd468141b8e263f60ea5fa29f74aff258fb44814f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
last-modified: Fri, 03 Dec 2021 22:06:32 GMT
server: nginx
etag: "992a869e6a0eaeb783312d89879f2477"
x-hw: 1638745756.cds136.fr8.hn,1638745756.cds167.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=933
accept-ranges: bytes
content-length: 105842

GET
H2 200 85db0c_1d374a9ee45e4ce79c23e24ce594236f~mv2.webp
static.wixstatic.com/media/85db0c_1d374a9ee45e4ce79c23e24ce594236f~mv2.png/v1/fill/w_292,h_219,fp_0.50_0.50,q_95/ 71 KB
71 KB 9ms
8ms Image
image/webp 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/85db0c_1d374a9ee45e4ce79c23e24ce594236f~mv2.png/v1/fill/w_292,h_219,fp_0.50_0.50,q_95/85db0c_1d374a9ee45e4ce79c23e24ce594236f~mv2.webp
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: a98dc27d25832bf8dd864fbec7b475d5dddd5bd2fcc1bd9340f828c3e63d721a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 21:55:54 GMT
via: 1.1 google
server: openresty/1.19.9.1
age: 4402
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 21ssunNjivCocfWed6530Q5Gg1T
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72300
x-seen-by: image-manipulator-55f9c7bc4c-tspff

GET
H2 200 DANGEROUS-1.jpg
jamesredpillsamerica.com/images/ 845 KB
847 KB 97ms
47ms Image
image/jpeg 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/DANGEROUS-1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8611f2cf6538047cb0a886ab8950c3bf5c16def2711c83f70bb44814e31136d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 661623
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 865173
last-modified: Sun, 28 Nov 2021 02:35:27 GMT
server: cloudflare
etag: "61a2eaef-d3395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKfSAcWZGX3UNMCXRkqI9AW%2BkSExZrPpJ0TPn9sVbLMZES65pdfBbRSFudUwFw9uV0MSV14c8tiRYouLVu5lAlC5EVxAp%2BIfiMCcwPLMSCdsQHeToxeceazltczvym7YNULF0MVMyRjX7mojtdGR%2Fv2kcYFUOTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1f9a00f6e-MXP
expires: Mon, 28 Nov 2022 07:22:13 GMT

GET
H2 200 5vxl3r.jpg
i.imgflip.com/ 50 KB
50 KB 59ms
44ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5vxl3r.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36eb02c91aef8c14097a1e9f74797a4010624b4e971b20a0dd0dfcb7e0bffe19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 547653
cf-polished: origSize=51352
cf-ray: 6b90f0f1ca82edc7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50781
x-amz-id-2: SiS+/qyi6TeheG4NBqY4ZjqK5eLLqquXi4y5CUxBD3g2ofUfJKrigsb4X2U+JFNWk61LDpUT3ZM=
last-modified: Mon, 29 Nov 2021 14:54:31 GMT
server: cloudflare
etag: "b73c457f826c97878d17d864d0b07a5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: K0F6GYFGJXN7EMJH
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 Americas-Frontline-Doctor-You-Can-Detoxify-Yourself-From-Graphene-Oxide-much-more.jpg
settingbrushfires.com/wp-content/uploads/2021/12/ 894 KB
896 KB 75ms
26ms Image
image/jpeg 2606:4700:3031::6815:f08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://settingbrushfires.com/wp-content/uploads/2021/12/Americas-Frontline-Doctor-You-Can-Detoxify-Yourself-From-Graphene-Oxide-much-more.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:f08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Powered Cache
Resource Hash: 3d35b6b8214d250481347d0a693f6a187e51724e6ab3de3dfa507c8e7aa85c0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82398
x-powered-by: Powered Cache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 915816
last-modified: Sat, 04 Dec 2021 23:44:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJDFRBA0kuiC4%2FfInUwkMl0ZN7Oli4Tc3J6TcP3ZWFv9LjoaE8btiInWqCgwEM9D9q4TA7MHs7cAkeWiL7BkgQ2shAZWB%2BHcBZXgEvckchjS2G7vObIQtx4azGMkAUuqsDbS3qFlbMMY20ec2XO9kyNUxmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6b90f0f1f8df83a9-MXP
expires: Fri, 03 Jun 2022 00:15:58 GMT

GET
H2 200 5vt9iy.jpg
i.imgflip.com/ 46 KB
46 KB 43ms
43ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5vt9iy.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7934a6c4525d44dca72ac96a2c33de26df51c81e4ce131c806cbbf9f50aa18d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 638405
cf-polished: origSize=46985
cf-ray: 6b90f0f1da99edc7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46663
x-amz-id-2: UgbAfcGf5A5WDyGyRY4r+5nwW5x8Bb2NkJ3jfTkrLEJWGGiyMPmD+z5I3q8lWertbkSu1ETJA1s=
last-modified: Sun, 28 Nov 2021 13:44:11 GMT
server: cloudflare
etag: "c4ba9978e86cf661293f9de5b3483e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 7B7HK2C8V6XA1GD7
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 Deep-State-Deep-Shift-foto-Imgflip.jpg
gn-journal.com/wp-content/uploads/2021/12/ 97 KB
97 KB 230ms
85ms Image
image/jpeg 194.36.140.95
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gn-journal.com/wp-content/uploads/2021/12/Deep-State-Deep-Shift-foto-Imgflip.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.36.140.95 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS: core1.spatiul.ro
Software: LiteSpeed /
Resource Hash: 16fa06345cd1645890b48cd35add9041e2c56655a3e6c7e7da9a22b8e3c19b60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
last-modified: Sat, 04 Dec 2021 13:24:30 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 99037
expires: Sun, 12 Dec 2021 23:09:16 GMT

GET
H2 200 Catherine-Austin-Fitts-Planet-Lockdown.jpg
thewashingtonstandard.com/wp-content/uploads/2021/12/ 34 KB
34 KB 89ms
30ms Image
image/jpeg 2606:4700:3036::6815:2d1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thewashingtonstandard.com/wp-content/uploads/2021/12/Catherine-Austin-Fitts-Planet-Lockdown.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2d1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Powered Cache
Resource Hash: 5b527ae09fbd258f6bbfc9c7fffb59ac72cd7607712da06316a48f67ac4e5150

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176458
x-powered-by: Powered Cache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34497
last-modified: Fri, 03 Dec 2021 22:05:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UD6KQVT8U%2FRffU922ir8yTfkM8Zu90GWD9LORUTVruOYC%2BA6Txr3hAiNzYrwGzoRCFTm4LJswQ3R0NF%2FBbWcoa%2FUDB%2BG8wWpstteiE5pPM2TtTBcYlzz9Y%2Bw5cfzWeDIDOuXBkJov1KpPH7mD1O8Q0r8Z%2B5q%2FZ%2Bi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6b90f0f2494f0dfe-MXP
expires: Wed, 01 Jun 2022 22:08:18 GMT

GET
H2 200 bIq0SQ21QyjG_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 43 KB
43 KB 30ms
18ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/bIq0SQ21QyjG_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

85437b8ffd781ef6903dd53e8dab98891850565392975e27e2aa96712636ab25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cdn-edgestorageid: 756
x-amz-request-id: tx000000000000008867e7a-0061abe4be-d18d4c2-nyc3a
cdn-cachedat: 12/04/2021 22:59:26
cdn-pullzone: 89010
content-length: 43838
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Sat, 04 Dec 2021 21:46:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 59a35101e164631945d9775df73ea150
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 OIP%20(5)(24).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 32 KB
33 KB 92ms
90ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(5)(24).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c787e0230d13d870a35443cc505f92c6b2a8525b82001738508fbdb2bc5e981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 106186
cf-polished: origSize=35536, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33265
last-modified: Thu, 07 Oct 2021 15:22:49 GMT
server: cloudflare
etag: "615f10c9-8ad0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 26 Nov 2022 03:43:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1897e59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Mafia-Takedown-arrest.jpg
themobmuseum.org/wp-content/uploads/2021/01/ 69 KB
69 KB 38ms
8ms Image
image/jpeg 192.124.249.15
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themobmuseum.org/wp-content/uploads/2021/01/Mafia-Takedown-arrest.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.15 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10015.sucuri.net

Software

nginx /

Resource Hash

13afaf0e9568e1b992cc20e465664c3ceeb8ed1370d9f79ec768768c5706bac2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 70220
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Apr 2021 11:33:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "606af57a-1124c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 screen-shot-2021-12-05-at-11.01.37-am.png
justusaknight.files.wordpress.com/2021/12/ 738 KB
739 KB 40ms
7ms Image
image/png 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://justusaknight.files.wordpress.com/2021/12/screen-shot-2021-12-05-at-11.01.37-am.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

aacb1545fbd9b5a5175f2c6c57625a2b5a5ce6ade690aab3a96cb9077f42ca24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 23 np
date: Sun, 05 Dec 2021 23:09:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 05 Dec 2021 18:07:14 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://justusaknight.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 756024
expires: Sun, 09 Jan 2022 12:14:11 GMT

GET
H2 200 3xyvJ8dpBrsZ_320x180.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 15 KB
15 KB 9ms
6ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/3xyvJ8dpBrsZ_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

74fd0b368c70734786ff0c51dc8776101dd5002bc34154a984c45b69cdcf4d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cdn-edgestorageid: 722
x-amz-request-id: tx00000000000000a66cd21-0061ab7bd6-cbe965b-nyc3a
cdn-cachedat: 12/04/2021 15:31:50
cdn-pullzone: 89010
content-length: 14917
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Sat, 04 Dec 2021 14:07:36 GMT
cdn-proxyver: 1.01
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 221c12674918cc133235bfbc64743e0f
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tUZMnNIZ3lPh_320x180.jpg
static-3.bitchute.com/live/cover_images/d1urdmz7GL1P/ 8 KB
8 KB 11ms
8ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/d1urdmz7GL1P/tUZMnNIZ3lPh_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

4d6e8c545c4a5f0ef4352a0b1709c4ffecb813019825ade3b6e40c6b0b457298

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000000585bb38-0061a3c807-d1bfb72-nyc3a
cdn-cachedat: 11/28/2021 19:18:47
cdn-pullzone: 89010
content-length: 8112
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Wed, 29 Sep 2021 15:49:27 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 8a44f6728daf5e9df62d60b4df7dd470
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 OIP%20gggggggg.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 28 KB
29 KB 68ms
66ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20gggggggg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f93070dd0db5e03321a0a8febdf0825d4201a7c24bf37c905a0136d1fe9f1b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 79327
cf-polished: origSize=30419, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28711
last-modified: Sun, 05 Dec 2021 00:21:55 GMT
server: cloudflare
etag: "61ac0623-76d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 05 Dec 2022 00:24:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1898159f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 download(7).jpg
img.beforeitsnews.com/contributor/upload/792498/images/ 22 KB
23 KB 108ms
106ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/792498/images/download(7).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28d48667fd7948e356ea0e782d612c37238bd342e16ddc07846c072e89f27e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 172192
cf-polished: origSize=23768, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22833
last-modified: Fri, 03 Dec 2021 22:52:34 GMT
server: cloudflare
etag: "61aa9fb2-5cd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 03 Dec 2022 22:55:06 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1898259f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 aauvwngo6bbvkamdkjxsk2gi14v-kfuqvstsy7fxeizws800-c-k-c0x00ffffff-no-rj.jpg
files.thehandbook.com/uploads/2021/02/ 92 KB
93 KB 115ms
42ms Image
image/jpeg 172.67.29.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.thehandbook.com/uploads/2021/02/aauvwngo6bbvkamdkjxsk2gi14v-kfuqvstsy7fxeizws800-c-k-c0x00ffffff-no-rj.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.29.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd6ff6114c79556c772b3a7f40c7f626c0d6541d6d9e5f8a5f6ddb83667fda1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 159639
x-amz-server-side-encryption: AES256
cf-ray: 6b90f0f29db854be-MAN
content-length: 94255
x-amz-id-2: ZO+qd7hCv0kXEpF7dkKeXa7b+Zp9uGqmaV6f6EPI8QUPKPHFlAAqfvm1kETeZIZQnaT6MmQiJHg=
last-modified: Tue, 16 Feb 2021 21:13:40 GMT
server: cloudflare
etag: "3151b2cb6faeae2f57acb5560a3df8c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: G7B7GBZE476NSMK2
cache-control: max-age=2592000
cf-polished: degrade=85, origSize=121440
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3 200 1434_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS9zdG9yYWdlL3VwbG9hZHMvdmlldy80Yzg5ZjQ1OWVlMTllMzRlMGQyNDJmNTAxN2E1ZmNkZC5qcGc%3D.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 66 KB
66 KB 109ms
107ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/1434_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS9zdG9yYWdlL3VwbG9hZHMvdmlldy80Yzg5ZjQ1OWVlMTllMzRlMGQyNDJmNTAxN2E1ZmNkZC5qcGc%3D.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e9f70315d5137933b61efcaed750749b4d9b68f35183bb43d2bb0407de8e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 397
cf-polished: origSize=70341, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 67139
last-modified: Sun, 05 Dec 2021 22:22:29 GMT
server: cloudflare
etag: "61ad3ba5-112c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 05 Dec 2022 22:24:24 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1898359f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Andreas-Kalcker-head-300x300.jpg
tapnewswire.com/wp-content/uploads/2021/11/ 19 KB
19 KB 840ms
329ms Image
image/jpeg 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/uploads/2021/11/Andreas-Kalcker-head-300x300.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 Sydney, Australia, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: e708372195ae32160ef83b134b09c48880408b1944078b1e1657fa9dd58ec13d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
last-modified: Wed, 17 Nov 2021 10:32:19 GMT
server: nginx
accept-ranges: bytes
etag: "4b67-5d0f98e78bbd8"
content-length: 19303
content-type: image/jpeg

GET
H3 200 OIP%20(3)(42).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 20 KB
21 KB 129ms
127ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(3)(42).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f284fa51d6f09c1e0133f438bca834a3ddda95a9f9543a869a896a451f7eb48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 269185
cf-polished: origSize=23633, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20655
last-modified: Sun, 27 Jun 2021 19:55:51 GMT
server: cloudflare
etag: "60d8d7c7-5c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 Oct 2022 16:34:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1898459f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 5w3mbe.jpg
i.imgflip.com/ 79 KB
80 KB 98ms
73ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5w3mbe.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f261550bcc7e7bdf9fa8401496f03921ed936be6372b87f05c8793ad6047d00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 447286
cf-polished: origSize=81304
cf-ray: 6b90f0f24f52401f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 81091
x-amz-id-2: 9K+TzN1z3f3t7oU50GAjhdQvgy1g/sVCsTHOgMbUio0eCIXaNRdAu8Oe6ej5z5BJijgZ6/UJNNM=
last-modified: Tue, 30 Nov 2021 18:48:57 GMT
server: cloudflare
etag: "131fa238ee39a189ba10c554e0fc3006"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: AVKAJG9R64HM2MMQ
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 5whcq1.jpg
i.imgflip.com/ 90 KB
90 KB 120ms
96ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5whcq1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 702de11075fdf5eb3ffa59d162caf176be6d22d68f103c9e78eb7a98b361ac39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 210940
cf-polished: origSize=92497
cf-ray: 6b90f0f24f54401f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 92085
x-amz-id-2: emTJaOkgKqUBSC24NNX+h/huJ/o/Ykb5IgNZcdWfFf6a90MJs0eYetk359aruSqf40iKQQSSiGw=
last-modified: Fri, 03 Dec 2021 12:23:52 GMT
server: cloudflare
etag: "688cf78d66c0f5430652ce936b63fe90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: P8T9D4BWZT581NZ9
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 YmeOc.qR4e-small-Deep-State-Running-Out-Of-P.jpg
sp.rmbl.ws/s8/1/Y/m/e/O/ 160 KB
161 KB 13ms
11ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/Y/m/e/O/YmeOc.qR4e-small-Deep-State-Running-Out-Of-P.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: d4e3097be52df170165cbb68d5a1379417b4e5166ac82cd02522b69c3a30a9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
last-modified: Sat, 04 Dec 2021 22:32:34 GMT
server: nginx
etag: "116b5e4406de77d0f73d54c82e8231d7"
x-hw: 1638745756.cds136.fr8.hn,1638745756.cds052.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=85356
accept-ranges: bytes
content-length: 164165

GET
H2 200 7VxrCYo5OSXV_640x360.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 36 KB
36 KB 11ms
9ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/7VxrCYo5OSXV_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

9ba823321e38e5f4779f44c98e8f83c386d99654d01027a2f5c968a2d1f64d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cdn-edgestorageid: 755
x-amz-request-id: tx00000000000000ac5d422-0061acbd45-cbe965b-nyc3a
cdn-cachedat: 12/05/2021 13:23:17
cdn-pullzone: 89010
content-length: 36485
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Sun, 05 Dec 2021 13:13:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 5d631037d9754b52a224979799e7ca06
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 5wongg.jpg
i.imgflip.com/ 52 KB
52 KB 139ms
114ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5wongg.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aabc91c1ee1c5d1520a54cd7cf0560248f22e3dd57e2b144fce98f741e0266e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 63097
cf-polished: origSize=53852
cf-ray: 6b90f0f24f56401f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53177
x-amz-id-2: gHrFrFRpWu3KzZpiV/ck58ywYCFMz3mAsC2xOqLQdVXGtbK0KSyJiqpnw/wZ/wWvmVgkYH5DjK4=
last-modified: Sun, 05 Dec 2021 05:28:22 GMT
server: cloudflare
etag: "dc2e56e740b17cc5b5e280ced44ef38a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 2K30ZN0C962K3JRF
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 endNc.qR4e.1.jpg
sp.rmbl.ws/s8/6/e/n/d/N/ 48 KB
48 KB 25ms
23ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/e/n/d/N/endNc.qR4e.1.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 782ef29569e93e3b8fadc63d39ecb0caddec52f88949d983e687da2d4670c2f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
last-modified: Wed, 01 Dec 2021 16:59:21 GMT
server: nginx
etag: "24d4bdd6dbfcad74019af06204beb107"
x-hw: 1638745756.cds136.fr8.hn,1638745756.cds144.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=72499
accept-ranges: bytes
content-length: 49414

GET
H2 200 1LyNc.qR4e-small-SITUATION-UPDATE-12221.jpg
sp.rmbl.ws/s8/1/1/L/y/N/ 114 KB
114 KB 25ms
23ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/1/L/y/N/1LyNc.qR4e-small-SITUATION-UPDATE-12221.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: e895dda0e1d7c64c44b44484fdfd8af0c99e515f3c1d0199198b4f98ad6bfdc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
last-modified: Thu, 02 Dec 2021 18:29:27 GMT
server: nginx
etag: "aefc960fd667c2b3766ea6494dfc6702"
x-hw: 1638745756.cds136.fr8.hn,1638745756.cds218.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=71194
accept-ranges: bytes
content-length: 116426

GET
H3 200 OIP%20(1)(155).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 25 KB
26 KB 46ms
45ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(155).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

012853cfcef2bad688f5ed2116f4ff1548faa27c2ac59c2f541f1ad1c1045768

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 245421
cf-polished: origSize=27390, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25806
last-modified: Thu, 02 Dec 2021 18:02:13 GMT
server: cloudflare
etag: "61a90a25-6afe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 02 Dec 2022 18:03:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1898559f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 5ui368.jpg
i.imgflip.com/ 61 KB
62 KB 56ms
32ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5ui368.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd2b79e4e02fcb91b547efb348900055a138ccc7e5b0c80b78acc1e7fda57ea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 1588020
cf-polished: origSize=62884
cf-ray: 6b90f0f24f58401f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 62425
x-amz-id-2: 4TRQkDZnA3pGgcg1oL7po5sEbQH77tj227L1VWlWVrpjjXf6pHCgfE8SQ6o4WACOh/4KuGIeNEc=
last-modified: Wed, 17 Nov 2021 13:56:46 GMT
server: cloudflare
etag: "ff99b9edb86e3e29022a4f50e5642a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: S89C60EPS85Z0DP4
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 download-2.jpg
settingbrushfires.com/wp-content/uploads/2021/11/ 1 MB
1 MB 775ms
773ms Image
image/jpeg 2606:4700:3031::6815:f08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://settingbrushfires.com/wp-content/uploads/2021/11/download-2.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:f08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Powered Cache
Resource Hash: e458ff75561b2872dbd173c2a77278f24cfdcce1391cb4ac9ef429a14563e438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Powered Cache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1048715
last-modified: Tue, 30 Nov 2021 15:14:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIaIKy8367Nva6bUxvfgVdgVYX060%2BgfZtpf%2FBwyrEqrKJsZ8kO2mmcOTufIcHvxbG4qP2%2BDIx3%2BLtq08J%2B8ImiSZ7tjko%2FcbmR9kuSsbd67ww6tZg2ZbAaCSxXv5Py29bW%2BetKPHOc59yJ31tmrS2BRZ7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6b90f0f2294083a9-MXP
expires: Fri, 03 Jun 2022 23:09:16 GMT

GET
H3 200 5whb79.jpg
i.imgflip.com/ 41 KB
42 KB 76ms
52ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/5whb79.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.255.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b490a6c430de9a31ecf47b07ae1463109429c78b777c013d8cab36598d5b7e1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
age: 211656
cf-polished: origSize=43037
cf-ray: 6b90f0f24f4f401f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42227
x-amz-id-2: fbwJEVJWYhFHFt0FpGFSeZSqRKsaiw4vgBS1/csnig9pnJUbZUmqOv0OvRMaABf3L8oh7slNseI=
last-modified: Fri, 03 Dec 2021 12:10:31 GMT
server: cloudflare
etag: "24ce08c4014bf3d4dc8bd5daeb5314cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: YWBYP5J9VQBY9XTP
access-control-allow-origin: *
expires: Wed, 03 Dec 2031 23:09:16 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 epstein-hitler-1.jpg
i0.wp.com/libertyonenews.com/wp-content/uploads/2021/11/ 187 KB
187 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/libertyonenews.com/wp-content/uploads/2021/11/epstein-hitler-1.jpg?fit=600%2C315&ssl=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f7b10d2d1abae88769ccb1e9bc1436c2e4c16d0942b3b5f373188bf261f5af22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Sun, 05 Dec 2021 23:09:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 28 Nov 2021 08:42:06 GMT
server: nginx
etag: "b4b36c1d94c5b8b3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://libertyonenews.com/wp-content/uploads/2021/11/epstein-hitler-1.jpg>; rel="canonical"
content-length: 191450
expires: Tue, 28 Nov 2023 20:42:06 GMT

GET
H3 200 AZTEC%20SUNRISE.jpg
img.beforeitsnews.com/contributor/upload/819011/images/ 34 KB
35 KB 128ms
128ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/819011/images/AZTEC%20SUNRISE.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6a770c6422eb74abd4c7a1fd91bc024d5e2443b4ce6f167104cd78fd6f615b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 46058
cf-polished: origSize=37195, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35324
last-modified: Sun, 05 Dec 2021 09:43:17 GMT
server: cloudflare
etag: "61ac89b5-914b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 05 Dec 2022 10:05:44 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f1898759f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 twitter.png
tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/ 3 KB
3 KB 667ms
171ms Image
image/png 209.58.165.79
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/twitter.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.165.79 Sydney, Australia, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: opal2.opalstack.com
Software: nginx /
Resource Hash: 9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
last-modified: Fri, 27 Aug 2021 07:45:22 GMT
server: nginx
accept-ranges: bytes
etag: "ad4-5ca85aa77ea7b"
content-length: 2772
content-type: image/png

GET
H2 200 NIvuLzjcWhYs_640x360.jpg
static-3.bitchute.com/live/cover_images/Iw2kiviwZpwx/ 30 KB
31 KB 20ms
18ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/Iw2kiviwZpwx/NIvuLzjcWhYs_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

2bd001e850ab70345d2de50f7d8d58d250384ece64b47e2f54b1262689f8aec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cdn-edgestorageid: 723
age: 0
cdn-cachedat: 12/05/2021 17:18:38
cdn-pullzone: 89010
content-length: 30694
x-amz-request-id: tx000000000000001af578b-0061ace65e-d18cecd-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Thu, 02 Dec 2021 21:51:25 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: bdc3495c72f3d64cb97d86436b21ac3a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
16 KB 90ms
89ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1393309
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15334
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 Oct 2022 06:01:02 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0f1ca5d59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame E40D 18 KB
7 KB 98ms
14ms Document
text/html 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-101.fra2.r.cloudfront.net

Software

tv /

Resource Hash

ed2509102e99fc8a08dc044266ff34c1ada28944b67931c889bc4e2736e0c37b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-U40TfJrwA7cSAELqOHxoHw=='; base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Sun, 05 Dec 2021 23:09:03 GMT
expires: Sun, 05 Dec 2021 23:11:03 GMT
cache-control: max-age=120
content-security-policy: script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-U40TfJrwA7cSAELqOHxoHw=='; base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: vbOA-X51xy5EHa9b-ujec_RRXxyzP16nCUSZpwy9dCGhpUctefRbgQ==
age: 13

GET
H3 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame BD5C 2 KB
1 KB 44ms
33ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202111523
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b41a067e2b2e92a067c64e4198a0eacbfe70bcd2ed479cf9930885ecafee5d8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 7184
last-modified: Thu, 25 Nov 2021 12:53:21 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: CY6QH59N94KFQ7VQ
x-amz-id-2: 3p0cSzbOCsLuRDrWktogTL4jR5LEdzbgM0DhZVbbibJkBKfAG/cipqEB5mpkqw/AXifwYsS8cJQ=
cf-bgj: minify
server: cloudflare
etag: W/"ff298f2f4a7d915b5239420e6246c9a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b90f0f2082fdfcf-FRA
expires: Mon, 06 Dec 2021 02:09:16 GMT

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 50ms
49ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 237849
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43060
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 04 Nov 2022 16:08:51 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0f20b0659f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 beforeitsnews.com.720413.es6.js Show response
jsc.mgid.com/b/e/ 240 KB
71 KB 30ms
28ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65c2a83f12dd71564d562882533b7f33425641afb960bf5c7c3302c7fbbb31d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 6492
last-modified: Thu, 02 Dec 2021 14:14:08 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: DPKP4NE31R823XCY
x-amz-id-2: 1HmqjxytTDNUK6TuK9RdLHdbVrisQlLdJhcJP/H0x71n97rPd2qItmMolHwrTzY1LTme0JK0dkA=
cf-bgj: minify
server: cloudflare
etag: W/"0b101d2ef08b4b6a1f13c40f5f1aa89f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b90f0f25860dfcf-FRA
expires: Mon, 06 Dec 2021 02:09:16 GMT

GET
H2

200

ajs.js Show response
customads.co/_js/
Redirect Chain

https://cdn2.customads.co/_js/ajs.js
https://customads.co/_js/ajs.js

5 KB
3 KB

160ms
125ms

Script
application/javascript

35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 21:24:15 GMT
etag: W/"14de-17d72bbe192"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 google
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Sun, 05 Dec 2021 23:09:16 GMT
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
location: https://customads.co/_js/ajs.js
cache-control: private
content-length: 228
x-amz-cf-id: y8kcX_aicAZXowwzmQ-6KATR67lAT2FqBR7jwmO0_oWiotYIwQUm8Q==

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 57ms
57ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20211116.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 237848
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2250
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 21:37:34 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0f2acb159f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 R%20(13).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 17 KB
18 KB 49ms
46ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/R%20(13).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf906c4b69cf1b00a1becc05ea041313b9c0ef297e990812aaa7e6b60f15437e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 19037
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17821
last-modified: Sun, 05 Dec 2021 17:16:09 GMT
server: cloudflare
etag: "61acf3d9-459d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 05 Dec 2022 17:16:38 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f2ccff59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 22 KB
23 KB 66ms
65ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/2021_05_11-03_02-redvoicemedia-6099f3ad10f42.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 247668
cf-polished: origSize=24183, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22836
last-modified: Wed, 25 Aug 2021 21:06:51 GMT
server: cloudflare
etag: "6126b0eb-5e77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 21:11:26 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0f2cd0159f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 beforeitsnews.com.720415.es6.js Show response
jsc.mgid.com/b/e/ 240 KB
71 KB 33ms
33ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d0c846c3fb83999d5d8152ce19308e4c2e697f49d3ed84a8666c3be9e88307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 6179
last-modified: Thu, 02 Dec 2021 14:19:13 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 59B9F0NFMSC95D7E
x-amz-id-2: vVTF9ekUPkqEvxBGGZreN8qHe68BEtuliE+krzgs8F0Ad6KB1IQ4jqzI5N9Nk+3AtYssOHUulvU=
cf-bgj: minify
server: cloudflare
etag: W/"6b6dfe8d7e7c8e86491d8fbe70cc277b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b90f0f2c8c3dfcf-FRA
expires: Mon, 06 Dec 2021 02:09:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 77ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10fc8bb13fc53eb86f1380f39abdb19f8d6650be6ef6769a7c42be0ce64ab15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51273
x-xss-protection: 0
server: cafe
etag: 18243101908086703348
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Dec 2021 23:09:16 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
632 B 47ms
17ms Script
application/javascript 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9
last-modified: Sun, 05 Dec 2021 07:35:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuvRox1Y2u2bxZSVsZbpjk9k42lFecBNUhwTL4gPjzzAm1JzO4oILwZeyYATJi5HeeDtkIzTAuIqvCA7WoML15HF%2BHuHf8mplkxoEtu18R0RuY4yVq0Te6f4xxs9zKzrdR89vSKLXy7v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6b90f0f308130ea7-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
663 B 87ms
25ms Image
image/gif 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56597
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOjuRZARldI4JIgxZbEaI8MpcU6ZK2wQLM9Mzr7wOgMF7ipQK%2BYtzKi1wMRFrzVlJC91A4fLJTDip2e0jQMFvbknjU4uCvHcEihW3GnX0sVzgWycG1S%2BUMvwp43vOaFA2OZ6nePRGu%2Fb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6b90f0f34f9f59ef-MXP

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 45ms
7ms Image
text/plain 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 16 B
597 B 798ms
762ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af2195fcac118f7d676d530138224758fdd5d96f0fbcf4eec669c6a71556216

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6b90f0f358a91f29-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16

GET
H3 200 beforeitsnews.com.351459.es6.js Show response
jsc.mgid.com/b/e/ Frame BD5C 239 KB
71 KB 26ms
25ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=202111523
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8c9e2a5fd99b9fca9b06e29d2f8cfe449f4b7edadf601fb5e73e295b06ecdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 6492
last-modified: Thu, 02 Dec 2021 14:02:26 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 59B19W6KM9MTH4D8
x-amz-id-2: d7d5pE70fbs/Z4FFKuZEHkm+OS0Ka5eYs66wEZo59uQDis5GRznykOtKMxlqmdnad/AT4d9L97c=
cf-bgj: minify
server: cloudflare
etag: W/"1b342fb77615ff0b32c0d08618976e92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b90f0f3290bdfcf-FRA
expires: Mon, 06 Dec 2021 02:09:16 GMT

GET
H2 200 en.5f51d0ca16402669.js Show response
s.tradingview.com/static/localization/translations/ Frame E40D 435 KB
69 KB 18ms
18ms Script
application/javascript 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.5f51d0ca16402669.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-101.fra2.r.cloudfront.net

Software

tv /

Resource Hash

8c327aba01e1e5de409a666d148ca4eda028174fd38e844fe4cb82b7c51264bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218170
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 03 Dec 2021 09:26:16 GMT
server: tv
etag: W/"61a9e2b8-11087"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fHwg5nL3vnxBiL1EOCaUE-517RQyGI1QwOyzvu-UhaZRZRD03eV-dw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.3fb48b4f6d7fa67185b6.js Show response
s.tradingview.com/static/bundles/embed/ Frame E40D 43 KB
23 KB 35ms
35ms Script
application/javascript 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.3fb48b4f6d7fa67185b6.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-101.fra2.r.cloudfront.net

Software

tv /

Resource Hash

122067111c2575ed6f0fbcf11d2b027457850702bcdec43e535984b4f4cd6891

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218171
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 03 Dec 2021 09:26:35 GMT
server: tv
etag: W/"61a9e2cb-5b64"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: kJTL_z2BS3hlQOI_A7w4jgoAOsxV7RD6iqrDfgLpX8nq_3u7vqcXmg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.cfda6724c58a8c318edd.js Show response
s.tradingview.com/static/bundles/embed/ Frame E40D 143 KB
47 KB 8ms
8ms Script
application/javascript 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.cfda6724c58a8c318edd.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-101.fra2.r.cloudfront.net

Software

tv /

Resource Hash

a6d733390f4d6498b8566141002b44e9cdf41fbe5315e83e1a4c51b0eca115bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 909611
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 25 Nov 2021 08:49:03 GMT
server: tv
etag: W/"619f4dff-ba5a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 7Ow86niQPJgYAnYOmJzCt4_1GU_T7ybHtiSs91A-rB65Y4o7Yk7DYA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.f6173ea81de523a18192.js Show response
s.tradingview.com/static/bundles/embed/ Frame E40D 276 KB
79 KB 14ms
14ms Script
application/javascript 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.f6173ea81de523a18192.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-101.fra2.r.cloudfront.net

Software

tv /

Resource Hash

3e8cec58c4bc87510637e9e8c3db14f915d199255be57488bc63f95de1978c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 10:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304270
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 02 Dec 2021 08:51:55 GMT
server: tv
etag: W/"61a8892b-13769"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: vXbKL8IKjQ-wsiTc_QNsgqsQKCaqn9NJG3OM2sg-QknEIOap00zG1g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.0f19b168d88c5e2b6ad0.css
s.tradingview.com/static/bundles/embed/ Frame E40D 1 KB
1 KB 35ms
35ms Stylesheet
text/css 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.0f19b168d88c5e2b6ad0.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-101.fra2.r.cloudfront.net

Software

tv /

Resource Hash

6d1da18bcbaa7c9281f213e1815476a74289e661714323d7b59df17706969d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 10:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2291531
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 09 Nov 2021 10:06:01 GMT
server: tv
etag: W/"618a4809-2be"
vary: Accept-Encoding
content-type: text/css
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: OtAwHVIabMml_kuIC267WUfWCieyuj6SukUl3IxumAR2jTRXFZ4AHw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.ffe1705f470d9fe5dfbc.css
s.tradingview.com/static/bundles/embed/ Frame E40D 26 KB
4 KB 36ms
34ms Stylesheet
text/css 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.ffe1705f470d9fe5dfbc.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-101.fra2.r.cloudfront.net

Software

tv /

Resource Hash

d34a06bcb15ea477cd15f71108f36d9a1aedcd94b34e369780bf30e99459bd13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 10:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1428969
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 09:31:09 GMT
server: tv
etag: W/"61976edd-f8d"
vary: Accept-Encoding
content-type: text/css
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: yiNSFtrsgVyU68Qf_yGFCXz1mEEfdhPhsuKvb6n5fSNJtSkG3tjsag==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 489
date: Sun, 05 Dec 2021 23:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Dec 2021 01:01:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/ Frame 853B 11 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Dec 2021 21:22:37 GMT
expires: Sun, 19 Dec 2021 21:22:37 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 6399
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
15ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=797104942&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=376100825&gjid=828113169&cid=1739459233.1638745756&tid=UA-16055024-1&_gid=1602105404.1638745756&_r=1&gtm=2ouc10&z=1002496884

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E40D 90 KB
35 KB 30ms
16ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.f6173ea81de523a18192.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d934219b75abb39d893ae70d014805263cb664fbab55dc33862a7413ee4a015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36168
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Dec 2021 23:09:16 GMT

GET
H2 200 63158.982f1e40be21040b888f.css
s.tradingview.com/static/bundles/embed/ Frame E40D 801 B
758 B 8ms
8ms Stylesheet
text/css 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/63158.982f1e40be21040b888f.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.3fb48b4f6d7fa67185b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-101.fra2.r.cloudfront.net

Software

tv /

Resource Hash

76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 10:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2291529
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 09 Nov 2021 10:06:02 GMT
server: tv
etag: W/"618a480a-104"
vary: Accept-Encoding
content-type: text/css
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: CFOIw7XceDiueD7MsS9WFsLoANyLFphDM9BrTAeTLbLlHtpABjJmBQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.ac00c2813da1ebf015c3.js Show response
s.tradingview.com/static/bundles/embed/ Frame E40D 4 KB
3 KB 8ms
7ms Script
application/javascript 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.ac00c2813da1ebf015c3.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.3fb48b4f6d7fa67185b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-101.fra2.r.cloudfront.net

Software

tv /

Resource Hash

3f5eacbef8f64653af592eae02fd061cfd623a33b36ae1c761974f581f19ce7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 10:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2033649
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 12 Nov 2021 08:51:09 GMT
server: tv
etag: W/"618e2afd-8b0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: BeNJEW3S1JcFxsQX-Qo_kQ_CgtEOwDin6AIK5QWqRacC3q5hooh1mA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16055024-1&cid=1739459233.1638745756&jid=376100825&gjid=828113169&_gid=1602105404.1638745756&_u=YEBAAUAAAAAAAC~&z=778425362

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 05 Dec 2021 23:09:17 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame E40D 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 490
date: Sun, 05 Dec 2021 23:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Dec 2021 01:01:07 GMT

GET
H3 200 jsDynamic-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 5 KB
2 KB 37ms
37ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bee09fc277d6ccee88223868eb868bb9fd9166e2d6163df385ddc4c07628bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2258432
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:31 GMT
server: cloudflare
etag: W/"61681027-155d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f59b7b59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Thu, 21 Oct 2021 13:26:41 GMT

GET
H3 200 responsive-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
1 KB 38ms
38ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1393309
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:32 GMT
server: cloudflare
etag: W/"61681028-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f59b7e59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Sun, 21 Nov 2021 13:27:09 GMT

GET
H3 200 validate-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1399191
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:33 GMT
server: cloudflare
etag: W/"61681029-19fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f59b8059f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 16 Nov 2021 18:40:13 GMT

GET
H3 200 loadmore-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 51ms
50ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1387943
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:32 GMT
server: cloudflare
etag: W/"61681028-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f59b8459f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Wed, 27 Oct 2021 06:03:54 GMT

GET
H3 200 lazy-loading-bin-rev-202108091.js Show response
beforeitsnews.com/static/js-v3/ 124 B
696 B 33ms
33ms Script
application/javascript 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-202108091.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 237847
cf-polished: origSize=173
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 11:10:31 GMT
server: cloudflare
etag: W/"61681027-ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 6b90f0f59b8759f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Tue, 16 Nov 2021 18:40:13 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 77 KB
27 KB 60ms
31ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDeferParsing-bin-rev-20211116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa90da79647e21e3e61a0d71b1a874ffa41104d2ef2c81fb7659f59633f6948a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 8301289771671655 Show response
customads.co/lad/ Frame 2F20 1 KB
1 KB 129ms
120ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-type: text/html; charset=utf-8
content-length: 1376
date: Sun, 05 Dec 2021 23:09:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 10864438442185062 Show response
customads.co/lad/ Frame 3786 1 KB
1 KB 127ms
121ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-type: text/html; charset=utf-8
content-length: 1376
date: Sun, 05 Dec 2021 23:09:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 44ms
18ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=1739459233.1638745756&jid=376100825&_u=YEBAAUAAAAAAAC~&z=777725282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
16ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16055024-1&cid=1739459233.1638745756&jid=376100825&_u=YEBAAUAAAAAAAC~&z=777725282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 125 KB
13 KB 676ms
667ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php?_=1638745756525

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3270617dabb97efd12c8a69d7e63f735a7c54b82853166a93a0e27f2f22cc90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private
cf-ray: 6b90f0f5db611f29-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 41ms
15ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20211116.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3308
etag: W/"2d763adca2b6a93c45e5b76bff1f8c5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b90f0f60e206913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 08 Dec 2021 23:09:17 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 29ms
7ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.L5pg0hqXc7s.O/d=1/rs=AN8SPfruPRNWOdoRifimwYOkXSMecUbhiw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:03:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 06 Dec 2021 00:03:02 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.L5pg0hqXc7s.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrkeSiwSdn34i69QsN_7cX5K7tRTQ/ 223 KB
76 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.L5pg0hqXc7s.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrkeSiwSdn34i69QsN_7cX5K7tRTQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.L5pg0hqXc7s.O/d=1/rs=AN8SPfruPRNWOdoRifimwYOkXSMecUbhiw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2126a368cc26e458e97873730c9e2f06aa989455f9d7b6865a1cc92ba3b71fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 19:03:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77942
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 18:12:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 19:03:10 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 58ms
37ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3267
etag: W/"bac537a7eba0b66473f70a7a4bf837c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b90f0f65fc23743-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 08 Dec 2021 23:09:17 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 31ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 21:46:33 GMT
x-content-type-options: nosniff
age: 4964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 05 Dec 2022 21:46:33 GMT

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 2A1B 18 KB
3 KB 23ms
8ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.L5pg0hqXc7s.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrkeSiwSdn34i69QsN_7cX5K7tRTQ/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:03:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 06 Dec 2021 00:03:02 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
936 B 30ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:17:10 GMT
x-content-type-options: nosniff
age: 3127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 05 Dec 2022 22:17:10 GMT

GET
H3 200 cleardot.gif
www.google.com/images/ 43 B
65 B 39ms
21ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ebay.svg
s3-symbol-logo.tradingview.com/ Frame E40D 1 KB
1 KB 57ms
15ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/ebay.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"10fc27643c8debeb225d244f546f3641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-meta-hash: 10fc27643c8debeb225d244f546f3641
x-amz-cf-id: qMW7r5QsXBoG2ZP6nv54L0-NxdrXQYsdA_5gtyRZBN5pEkIOLzX8dw==

GET
H2 200 paypal.svg
s3-symbol-logo.tradingview.com/ Frame E40D 1 KB
1 KB 51ms
10ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/paypal.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:36:23 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:02:09 GMT
server: AmazonS3
age: 2084
etag: W/"65eea60fcee5ecdfdbb1acd1ba7cc66b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 65eea60fcee5ecdfdbb1acd1ba7cc66b
x-amz-cf-id: eyGn29DTbeUH3Rj0LmKi7ULGDD0GevwAqDFKRrMOJYDZrYzK-xb1YA==

GET
H2 200 gamestop.svg
s3-symbol-logo.tradingview.com/ Frame E40D 1 KB
1 KB 52ms
11ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/gamestop.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:42:00 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:53:53 GMT
server: AmazonS3
age: 1952
etag: W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id: A9bwSZTTR6FYKAP9MtGqu08FIeHCjsFtAo97By-_fP6JiJkSY6oM2A==

GET
H2 200 united-parcel.svg
s3-symbol-logo.tradingview.com/ Frame E40D 1 KB
1 KB 52ms
10ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/united-parcel.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:14:26 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:56:05 GMT
server: AmazonS3
age: 3377
etag: W/"ffadcdfb231eca2a6bddb9ca0efde5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: ffadcdfb231eca2a6bddb9ca0efde5be
x-amz-cf-id: nbgDNS9J456JkQ04_dieF64HnC1MEyH2m_Szesltf7is-_Uby6YqGQ==

GET
H2 200 fedex.svg
s3-symbol-logo.tradingview.com/ Frame E40D 182 B
581 B 52ms
11ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/fedex.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:04:07 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:21 GMT
server: AmazonS3
age: 596
etag: "a4fcbd383e2f657b6528f4aa95844de5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: a4fcbd383e2f657b6528f4aa95844de5
content-length: 182
x-amz-cf-id: gyJqOY6kDhDHPiEjwKc0w-8BzgLLOag7zJ27Nn5hfyvkN7Mz3TLyUQ==

GET
H2 200 dillards.svg
s3-symbol-logo.tradingview.com/ Frame E40D 522 B
912 B 56ms
15ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/dillards.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:56:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "fe0a346dd65be84d3e810b04e0ec4c77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-meta-hash: fe0a346dd65be84d3e810b04e0ec4c77
content-length: 522
x-amz-cf-id: VXfLNz2tJXhaSS0w3PsPCOhv6jwC_r2GznXqZ-J9-_xTup0duikALQ==

GET
H2 200 tesla.svg
s3-symbol-logo.tradingview.com/ Frame E40D 508 B
905 B 13ms
9ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/tesla.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:07:14 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
server: AmazonS3
age: 215
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
content-length: 508
x-amz-cf-id: Bl6Lv-yUS9EuhK8HscKhh5CkHlpdIeZkaiTr0I6EQf4mvk_xMavi_Q==

GET
H2 200 amazon.svg
s3-symbol-logo.tradingview.com/ Frame E40D 1 KB
1 KB 8ms
4ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/amazon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:50:22 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
server: AmazonS3
age: 1224
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
x-amz-cf-id: NeWOjBFp9EUwxmsp0bcOFOwKgjk4NUERYb4IvCor_hbvm24zrVR9YQ==

GET
H2 200 microsoft.svg
s3-symbol-logo.tradingview.com/ Frame E40D 304 B
699 B 15ms
11ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/microsoft.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:42:52 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
server: AmazonS3
age: 1647
etag: "074d127e2f9fd8c2e79c01a5f002979c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
content-length: 304
x-amz-cf-id: vG-INug8EairF1zVc1DuSTiSyIM83kbumS722uvsCqxFso_H-9Qlcw==

GET
H2 200 crispr-therapeutics-ag.svg
s3-symbol-logo.tradingview.com/ Frame E40D 1 KB
1 KB 13ms
9ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crispr-therapeutics-ag.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:23:24 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:03:06 GMT
server: AmazonS3
age: 2760
etag: W/"16a44c1a6154b68c7aa2fa206e59c817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 16a44c1a6154b68c7aa2fa206e59c817
x-amz-cf-id: kLGu2kFiKC1hkctky-6V3E4ytTOZDJaUbiCPNClrN4ti9KMUfla-xQ==

GET
H2 200 twitter.svg
s3-symbol-logo.tradingview.com/ Frame E40D 635 B
1 KB 15ms
11ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/twitter.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:30:18 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:54:59 GMT
server: AmazonS3
age: 2420
etag: "4c66a5172a9c77ab75e140f5079218ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 4c66a5172a9c77ab75e140f5079218ec
content-length: 635
x-amz-cf-id: wRCSQ6-qtlXJ_BQZBZdRaU7C6iuqVSFHKPV4VebaHxuWD7wIZ3tpmQ==

GET
H2 200 berkshire-hathaway.svg
s3-symbol-logo.tradingview.com/ Frame E40D 1 KB
1 KB 15ms
11ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/berkshire-hathaway.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:42:52 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:25 GMT
server: AmazonS3
age: 1617
etag: W/"7c18bc7ae368cb48e47ba8066bb6f18d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 7c18bc7ae368cb48e47ba8066bb6f18d
x-amz-cf-id: guFTw0nOzwsuteKFkZmuuegCJM_clweWLe4rYE8JAv9QmJOYmqk4Qg==

GET
H2 200 alphabet.svg
s3-symbol-logo.tradingview.com/ Frame E40D 761 B
1 KB 15ms
11ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/alphabet.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:51:37 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 08:55:20 GMT
server: AmazonS3
age: 1138
etag: "d721ee9258a9e765f67ec5dfb05d72f2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: d721ee9258a9e765f67ec5dfb05d72f2
content-length: 761
x-amz-cf-id: xw9u4NIKPjg_pwG2agU0ypJMtoESQ7EoQclJHehS4AikkTF7diPD-A==

GET
H2 200 meta-platforms.svg
s3-symbol-logo.tradingview.com/ Frame E40D 786 B
1 KB 10ms
6ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/meta-platforms.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:53:59 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
server: AmazonS3
age: 953
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
content-length: 786
x-amz-cf-id: __aH3S6CMB3L18EaHmO1BkxSvn32JR8wwP_2OWmeOppQFdmxtybxJA==

GET
H2 200 apple.svg
s3-symbol-logo.tradingview.com/ Frame E40D 1 KB
1 KB 11ms
7ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/apple.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:11:11 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
server: AmazonS3
age: 3488
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
x-amz-cf-id: Ks41UWn-wjlOB_KPjt4WL0VjO_4RcSThKxZcw5ocqUJY2KZZuGrNsg==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame E40D 523 B
912 B 11ms
7ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:49:17 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
server: AmazonS3
age: 1203
etag: "4542d4ecd73f04c73affa787a4522596"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
content-length: 523
x-amz-cf-id: 1q-LeTartrM4WCJWOfZej9ZjrczPuy6p23d0B7XHP__o5iVWkIqw8g==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame E40D 801 B
1 KB 13ms
9ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:07:05 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
server: AmazonS3
age: 132
etag: "107060b925841745f310697bd9f1f83d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
content-length: 801
x-amz-cf-id: il7RKbh_lcCx-sWgdBWTNLeZgF2xUcUvkf4HRmqIczGaBUOZJSK33w==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame E40D 3 KB
794 B 43ms
9ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:35:28 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
server: AmazonS3
age: 2030
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=2592000,s-maxage=3600
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id: CmxU2IC-powgyxSa60d-Eywr8dbFaFp1BSm7Rag7xB_H5oasOQOAUw==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame E40D 870 B
1 KB 41ms
7ms Image
image/svg+xml 2600:9000:20eb:8400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:17:40 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
server: AmazonS3
age: 3101
etag: "e9173ef4613c3da43c45885ea39c4b96"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
content-length: 870
x-amz-cf-id: vxI98XWInmk9U67ieQLl_6SD5SUC4HEWcKOQzZjjzbv3djXXaRQ2bA==

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 30ms
16ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d542f8b9dd6ce9ae6c64d50b05df41737c284a8e553875525f7d391bd9b692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2078
cf-polished: origSize=4420
status: 200 OK
x-envoy-upstream-service-time: 53
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6e65a225-593b-4faa-a48b-0f779bd9e4f4
x-runtime: 0.051295
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"31942854cab241eea3cfa854fa9a3ec3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6b90f0f769436913-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 06 Dec 2021 00:09:17 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame 2F20 45 KB
17 KB 45ms
24ms Script
text/javascript 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8301289771671655?pubid=ld-4530-2279&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1603
date: Sun, 05 Dec 2021 22:42:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Mon, 06 Dec 2021 00:42:34 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame 3786 45 KB
17 KB 40ms
20ms Script
text/javascript 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/10864438442185062?pubid=ld-7307-3077&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1603
date: Sun, 05 Dec 2021 22:42:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Mon, 06 Dec 2021 00:42:34 GMT

GET
H2 200 supportedLanguages Show response
translate-pa.googleapis.com/v1/ Frame E985 14 KB
2 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-length: 1213
x-xss-protection: 0
expires: Sun, 05 Dec 2021 23:09:17 GMT

GET
H3 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 31ms
31ms Image
image/gif 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 11:21:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 388093
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 01 Dec 2022 11:21:04 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 26ms
26ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3296
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6b90f0f83c563743-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 08 Dec 2021 23:09:17 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
564 B 347ms
323ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4f78177a-52a6-4886-a0c3-edceb05d7a1f
x-runtime: 0.011460
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6b90f0f9dd5359f5-MXP
access-control-allow-headers: SDK-Version

GET
H2 200 / Show response
c.mgid.com/pv/ 0
280 B 121ms
112ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1638745757171575649026&uniqId=0f752&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=61ad469d-1035d&pageView=1&pvid=17d8cdbd5f492632287&site=310742&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b90f0f9ed904e08-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 27ms
17ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 5579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6b90f0fa0dac4e08-FRA
expires: Mon, 06 Dec 2021 23:09:17 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
904 B 26ms
17ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 5578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6b90f0fa0dab4e08-FRA
expires: Mon, 06 Dec 2021 23:09:17 GMT

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 26ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:23:16 GMT
x-content-type-options: nosniff
age: 452761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 17:23:16 GMT

GET
H2 200 / Show response
rumble.com/embed/vnmfwb/ Frame 299C 17 KB
7 KB 332ms
110ms Document
text/html 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vnmfwb/?pub=p1k0f

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

4e780584fa758498a1ec4861be2fb53eb003c201632da3ed269e32ae3fe2e695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

server: nginx
date: Sun, 05 Dec 2021 23:09:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/vq8m0h-shocking-hidden-camera-footage-from-inside-forced-internment-camps-in-austr.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
H2 200 / Show response
www.bitchute.com/embed/3xyvJ8dpBrsZ/ Frame 3D96 2 KB
2 KB 144ms
113ms Document
text/html 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/embed/3xyvJ8dpBrsZ/

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11703f07b201e7f7f48f98eb4648e86a70e1b9dd6343faf9469084d4c07c5b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-type: text/html; charset=utf-8
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL6ByRBRgmcXoz0uve35E1u%2BBt35zaFk0I6tBMU8%2Ff%2Fm3EwepPqEhUT7Ru%2Bflr46sXhu%2B0PoBFNk9%2Fo%2B7Iu62UHe0ybjXpqN2e45M4TqVqu7%2BFET9BQyTtO2lU1C7fOePzT9pA7HH6lnLQM2N5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b90f0fa5ab7dffb-FRA
content-encoding: br

GET
H3 200 4650b593f0e99a6af4f9cff71b50574ff5eb7f6f.jpeg
beforeitsnews.com/img/i2021/12/ 11 KB
12 KB 41ms
40ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/12/4650b593f0e99a6af4f9cff71b50574ff5eb7f6f.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a4d7c82ded374430530fc03fb4fe04e44068b959c42f9effda0fd379a1a9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 406333
cf-polished: origSize=12229, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11358
last-modified: Mon, 17 Aug 2020 23:56:04 GMT
server: cloudflare
etag: "5f3b1914-2fc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 01 Dec 2022 05:00:12 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0fa3e0b59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 9ccfd1452cb8cee4ce10d45ef1b7d2300e4b6aa5.jpeg
beforeitsnews.com/img/i2021/12/ 81 KB
82 KB 62ms
61ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/12/9ccfd1452cb8cee4ce10d45ef1b7d2300e4b6aa5.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 409610
cf-polished: origSize=88643, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 83236
last-modified: Mon, 08 Mar 2021 00:49:03 GMT
server: cloudflare
etag: "6045747f-15a43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 01 Dec 2022 05:00:03 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0fa3e1159f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 f319199e111816e327fe4d2ecdef2608a91edd7b.jpeg
beforeitsnews.com/img/i2021/12/ 15 KB
15 KB 63ms
62ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/12/f319199e111816e327fe4d2ecdef2608a91edd7b.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a9dcac3e7388901101be80c2cd7201d4da0ac6aa6edd7ad37120a80a529151d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 409574
cf-polished: origSize=15804, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14899
last-modified: Wed, 21 Aug 2019 02:27:14 GMT
server: cloudflare
etag: "5d5cac02-3dbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 01 Dec 2022 05:00:01 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0fa3e1659f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 4d414e65062e5cf65657538917dbd86cddece9f2.jpg
beforeitsnews.com/img/banner_contract/ 51 KB
52 KB 44ms
44ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/4d414e65062e5cf65657538917dbd86cddece9f2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8bc161394d0f1fd1a2117405b99c2ff97fdd2bbf274310faeeba1f4129b1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 259960
cf-polished: origSize=59870, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52616
last-modified: Mon, 01 Nov 2021 22:43:47 GMT
server: cloudflare
etag: "61806da3-e9de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 02 Dec 2022 22:44:05 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0fa3e1a59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg
beforeitsnews.com/img/banner_contract/ 46 KB
46 KB 38ms
38ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/7ebd768b6a846f91958a647f8f3a64edc68426e5.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba2ec1f0e483b39c4f96db14778f55eceafa2ef67aa2b49c532a2cb24a52377b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 802668
cf-polished: origSize=51812, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46878
last-modified: Sat, 22 May 2021 12:15:55 GMT
server: cloudflare
etag: "60a8f5fb-ca64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 20 Nov 2022 11:49:25 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0fa3e1d59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
36 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 984729
cf-polished: origSize=36512, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36504
last-modified: Sat, 22 May 2021 12:16:37 GMT
server: cloudflare
etag: "60a8f625-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 20 Nov 2022 05:59:55 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0fa3e2359f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3 200 dcf09c8773644d031c1df11dd4352afcab7d6112.jpg
beforeitsnews.com/img/banner_contract/ 59 KB
59 KB 41ms
41ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/dcf09c8773644d031c1df11dd4352afcab7d6112.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 238158
cf-polished: origFmt=jpeg, origSize=149331
content-disposition: inline; filename="dcf09c8773644d031c1df11dd4352afcab7d6112.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60198
last-modified: Mon, 11 Oct 2021 07:26:58 GMT
server: cloudflare
etag: "6163e742-24753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 20:12:50 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0fa3e2459f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Kxdadyu1_S8 Show response
www.youtube.com/embed/ Frame D050 59 KB
25 KB 58ms
57ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c76804380e76ce0bdfdcec92668d1abe0d1d5d366abfe6bfa28446386aa17705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Dec 2021 23:09:17 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1 Show response
servicer.mgid.com/720413/ 1 KB
1015 B 67ms
57ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720413/1?pv=5&cbuster=1638745757299186940941&uniqId=0f752&niet=4g&nisd=false&jsv=es6&w=370&h=330&cols=1&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=61ad469d-1035d&pageView=1&pvid=17d8cdbd5f492632287&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720413.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa7eeffc61d90c1030194bbc17ca81bcbe216ec5e17eef05bfdd15a321e980a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b90f0faaeb94e08-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/720415/ 1 KB
950 B 65ms
58ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720415/1?w=370&h=330&cols=1&pv=5&cbuster=1638745757300795036883&uniqId=17835&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=61ad469d-1035d&pageView=0&pvid=17d8cdbd5f492632287&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720415.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7c3b4e4bdb129bf2e888f8ccea26132f4488ba18b3d571a1884543ec0018d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b90f0faaebb4e08-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 60ms
55ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1095&cols=1&pv=5&cbuster=1638745757302233249984&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&sessionId=61ad469d-1035d&pageView=0&pvid=17d8cdbd5f492632287&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a76e65ae0607cefdbd69fff9b443311c3ec73ff819f533febf825dacc47a05c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b90f0faaeb54e08-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8040e515/ Frame D050 336 KB
46 KB 24ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47245
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:18 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8040e515/www-embed-player.vflset/ Frame D050 217 KB
71 KB 34ms
18ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74bd1062da373eabae4c6bb2e0da3831272ca2b25ac3a19649b65dd188bd5fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72751
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:18 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame D050 2 MB
524 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bd4a9f952e5929601bd170da52e68f0e6313e954091cd5a87c10fdda17979e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535989
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:14 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8040e515/fetch-polyfill.vflset/ Frame D050 8 KB
3 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D050 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 453756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 17:06:41 GMT

GET
H2 200 plyr.min.css
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/ Frame 3D96 34 KB
5 KB 72ms
33ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.min.css

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f90aeb95b1d3ed85741aa83d086e4503d7c5103c0bdf4f0d767e6898126dff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3114455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4565
timing-allow-origin: *
last-modified: Wed, 13 Oct 2021 13:03:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6166d91d-11d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpTPUPoMDB%2B4889PHkBnePaEYgbpEFNdAT1tJMAvZv7H2Hou%2FyD09lxcdaN%2FBxYjNVkyk2sMIpFzdPWHtDExD0ohi2c4%2FlzH3%2BTQ0Kim2M7VUeCIFcl3dAH%2F0TJxD%2F0P5MCzudONFzOZYt6R96JIDsua"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b90f0fb9fb359cb-MXP
expires: Fri, 25 Nov 2022 23:09:18 GMT

GET
H2 200 embed.css
www.bitchute.com/static/v134/css/ Frame 3D96 2 KB
860 B 33ms
33ms Stylesheet
text/css 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v134/css/embed.css
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1390f94c88445a703f4d9023421bc6368f1265a8b53acad10c29e62b04c13b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 464
cf-polished: origSize=2280
last-modified: Wed, 17 Nov 2021 10:54:27 GMT
server: cloudflare
etag: W/"8e8-5d0f9dda2ecdc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TddpyUWkjcqAbpNuiDEOJBCyQJD7xN6FOibTNVIeEqC1gZv7Oc2ybRlFAK6BJ7ehEbOLH%2BAqAnUqvZANydZ%2BKJB3tfCms%2FCwBsXw4DtmeSu9Y1ZLVYpmGubwy3Ul85ATwidJqY8XiCuisSEyLxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6b90f0fb4bf6dffb-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
www.bitchute.com/cdn-cgi/bm/cv/669835187/ Frame 3D96 35 KB
9 KB 14ms
13ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FlpQCUTzd7%2FV6%2BNS1PWBynH68NXqnHPjoCuv0G4R0RI0SIvHRwTzd8Be%2BlWrzLdd%2FA6uUmZaiaXwBNaEKZP1DCj0r5RIHG6go1pVs5yGTtaywiuwQigFNdDcYsfjfd7eNP4IwO8OLWMKfvNaHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6b90f0fb5bf8dffb-FRA

GET
H2 200 3xyvJ8dpBrsZ_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ Frame 3D96 45 KB
45 KB 9ms
8ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/3xyvJ8dpBrsZ_640x360.jpg

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

783b11bfa540c0e45744dc3e1f2a821ea3b8970ee49844dfff6e3dfe2a342d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000000865e1df-0061ab7bf6-d18d4c2-nyc3a
cdn-cachedat: 12/04/2021 15:32:22
cdn-pullzone: 89010
content-length: 45592
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Sat, 04 Dec 2021 14:07:36 GMT
cdn-proxyver: 1.01
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 6a7ed85e5038e90c39b093b762c12606
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 3D96 95 KB
30 KB 62ms
25ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 248572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwgZw2wVHLHtN0V7Neu8w9s7ZDJLZkMuVF%2FhZ6X9bIzVtmGPwLSNpaEkkuxAWMLKKGFbL8yfE9CNkXHn0owUhHc7MXZ2o8%2BCeRzMzb1PoRJIRenbN1Y%2FokYTlGhLeTlSquOKZ0zbZkKZCiKPW0X51PHG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b90f0fb9fb759cb-MXP
expires: Fri, 25 Nov 2022 23:09:18 GMT

GET
H2 200 plyr.polyfilled.min.js Show response
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/ Frame 3D96 142 KB
39 KB 70ms
33ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.polyfilled.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3f190da7120996ee84acce8094248dfcfd785fb7ef0fd198c457ab66d27d00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1066764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39788
timing-allow-origin: *
last-modified: Wed, 13 Oct 2021 13:03:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6166d91d-9b6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9BPbjMGeZfMaNM3tRU6WctcbUuvSVHqL3HphRwlf13nHmSE208YAa5Qd2fgN2S%2B5iPQMFCTmwDnSlk68qx%2B1VZjlH5nlpqzDn0QMLivfvYRgCfhIHfYS%2BAcDoiFwgcoGTEwqhNSH6UjhG6Tg6DRSH%2FY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b90f0fb9fb859cb-MXP
expires: Fri, 25 Nov 2022 23:09:18 GMT

GET
H2 200 embed.js Show response
www.bitchute.com/static/v134/js/ Frame 3D96 160 B
528 B 26ms
26ms Script
application/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v134/js/embed.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcced6b6e339342e818f82c21b6b6c8ea8fcce9b944588031a2475882ddd7c4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489
cf-polished: origSize=262
last-modified: Wed, 17 Nov 2021 10:52:07 GMT
server: cloudflare
etag: W/"106-5d0f9d5484362-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbsAeurQpWwNsfAmO0HYctrJd%2BMUpVZ0UXr9qfThkuXhcTAQ6ruDwMhDNWdvfRwl3seCL7gyajb9j9CZO8V%2F89HtSTo3Q94dfK0Yapz5qk6xQ5lSCe3Zpp5sl0f%2B9e05qlmffxzGhex4HwiLK5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6b90f0fb5bf7dffb-FRA
cf-bgj: minify

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 5579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6b90f0fb689adfcf-FRA
expires: Mon, 06 Dec 2021 23:09:17 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 17ms
16ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 5578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6b90f0fb689cdfcf-FRA
expires: Mon, 06 Dec 2021 23:09:17 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTAyLTA0LzBmMjgxYWIxNzU5MWUwMTg1OTkyMzM1ZmY0ODA2MzI2LmpwZz90PTE0NTQ2MDU2NjY3MDg.webp
s-img.mgid.com/g/3805522/492x277/0x0x492x328/ 20 KB
20 KB 59ms
31ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805522/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTAyLTA0LzBmMjgxYWIxNzU5MWUwMTg1OTkyMzM1ZmY0ODA2MzI2LmpwZz90PTE0NTQ2MDU2NjY3MDg.webp?v=1638745757-bG4nciXfBsYuZkyOTmoYIwTJFTEDechu9H1WX6ClClc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aaf895ef67a732e2834a745a9cf09f110bda98e833cffeec9ff99b512b58374

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:26:54 GMT
x-mg-request-uuid: 5b29e038-07c4-4270-80f2-e1e5ad881122
age: 2533978
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0fb9ce84ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20126
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0LzMwZmQ1YjY4MjRkMzAwYTdmODkzZmYwM2MyZWRkMGFmLmpwZWc.webp
s-img.mgid.com/g/8164916/492x277/150x0x1176x784/ 9 KB
9 KB 67ms
40ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164916/492x277/150x0x1176x784/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0LzMwZmQ1YjY4MjRkMzAwYTdmODkzZmYwM2MyZWRkMGFmLmpwZWc.webp?v=1638745757-jUOrkSz9R2-vSvP7A2dV0GiF4Himt0dXmUGLVKNoRiI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bda30815e348f73188d7d41240003f4f063fbc3884cb4c255ecaa7077262a05

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:40:22 GMT
x-mg-request-uuid: e950bbba-9189-4ec7-86ec-a30e147d8b76
age: 1482439
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0fb9ceb4ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8986
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDgyLHlfNDQ4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC81YmYxM...
s-img.mgid.com/g/10881049/492x277/-/ 21 KB
22 KB 67ms
40ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10881049/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDgyLHlfNDQ4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC81YmYxMmRkYTYyN2YyNWU2NDM3NDU3NzRlZDBjNTFmZi5qcGc.webp?v=1638745757-t48VXAujTsgOtgdEWDnzekQ-E2n_LUX2vf7pZef-Q2o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2d4bdaf18049566ddbea50747415d614bbc8cac04ca8f9b2516095060196ee

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 13:47:40 GMT
x-mg-request-uuid: 9f5f5d4a-25cd-4d9e-8701-8ffd29e38df7
age: 5303648
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0fb9cf14ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21772
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp
s-img.mgid.com/g/8193502/492x277/0x299x1080x720/ 16 KB
16 KB 52ms
24ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193502/492x277/0x299x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp?v=1638745757-kPYQtOHa9LMQ4IiAmrO6_GpWQEmLv1oEcUdbgtX-e74
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb5442b7663ca77c49049cbfb09d65a4cf5357a6edf7ce9baed59530a3235d9

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:40:20 GMT
x-mg-request-uuid: 93592fa9-cfd9-4176-8f19-494f85b7532a
age: 1486783
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0fb9cef4ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16050
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC83ZmI3YjBiODBmZDIzZDBiM...
s-img.mgid.com/g/11533294/492x328/-/ 32 KB
32 KB 62ms
35ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533294/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC83ZmI3YjBiODBmZDIzZDBiMjkxNWFhMTIwNzFmMTUwZS5qcGVn.webp?v=1638745757-nIWt7VG0rF0NYp9cfVZ8QamVTEMioLKRdiuL7gbGgLo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29db4a65f8707bf37131e3e2e39deb6ae5f87c83638c0d50e756285a2e3483b2

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:23:58 GMT
x-mg-request-uuid: 722b9a13-468f-47b7-bb5c-b40532de4c10
age: 377713
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0fb9cf34ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32308
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2NkZWFmMGUxMjFmYzJmODZiZDE5NWE1OGRjMzIyZjE0LnBuZw.webp
s-img.mgid.com/g/4001395/492x328/63x0x745x496/ 17 KB
17 KB 64ms
40ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4001395/492x328/63x0x745x496/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2NkZWFmMGUxMjFmYzJmODZiZDE5NWE1OGRjMzIyZjE0LnBuZw.webp?v=1638745757-UuV_-ulMOkQQfqGIBWO-54aKo76fPRfyyaXhTqR36Xg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8fb42d9d2dbf1126609116b476b8ee85b834226cb8437b66fed683ef38dc97

Request headers

Referer: https://beforeitsnews.com/
Origin: https://beforeitsnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:56:24 GMT
x-mg-request-uuid: 1ed04810-e75e-486d-b229-e6beaad9c795
age: 218245
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b90f0fb9ced4ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17058
server: cloudflare

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D050
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

15ms
15ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

172f54577cf95e68e5ed62a7c6c618bc0e693232c3e7cb2e4b74f5d1919d0adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 05 Dec 2021 23:09:18 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D050 29 B
587 B 31ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:57:28 GMT
x-content-type-options: nosniff
age: 710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Dec 2021 23:12:28 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame D050 94 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c3adb86cfa340f1bc98bc36d09dd5d1aad7590641f4fcf893328d1e9da6b7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29853
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:14 GMT

GET
H3 200 axIybeQdxw4RbI0uaxpPXcBGoAQIrvp7kySsSJR_Uaw.js Show response
www.google.com/js/th/ Frame D050 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/axIybeQdxw4RbI0uaxpPXcBGoAQIrvp7kySsSJR_Uaw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b12326de41dc70e116c8d2e6b1a4f5dc046a00408aefa7b9324ac48947f51ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 15:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Dec 2022 15:11:39 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame D050 24 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3697e3d917558effa3f5954febde4851eaedce36c31ba854ef067187c875829e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:22 GMT

GET
DATA 200
OK truncated
/ Frame D050 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRQ_cDhJmbuI0V-JPgGjv0I5XBQy-JIKCo2ug=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D050 797 B
1 KB 32ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRQ_cDhJmbuI0V-JPgGjv0I5XBQy-JIKCo2ug=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c476d5d5a9cce342a54743c0e1ca48b35f00e664f4d0994264b825ded4054050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 19:48:30 GMT
x-content-type-options: nosniff
server: fife
age: 12048
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 797
x-xss-protection: 0
expires: Mon, 06 Dec 2021 19:48:30 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/Kxdadyu1_S8/ Frame D050 11 KB
11 KB 24ms
8ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Kxdadyu1_S8/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kxdadyu1_S8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983eec036059654e2dcefa62f6049eec38d82389a1b2f12b688e998b2058e79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:59:03 GMT
x-content-type-options: nosniff
age: 615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10922
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Dec 2021 00:59:03 GMT

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.9/ Frame 3D96 6 KB
3 KB 85ms
28ms XHR
image/svg+xml 2606:4700:3031::ac43:8303
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.9/plyr.svg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.polyfilled.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8303 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1599344
x-cache: HIT, HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7CX6P38GW7NSPV53
x-amz-id-2: LuNGrXMTZraGmeNu+V1isoRhQeXnHDGCk/R+bSHyj1YctRSpsqlTiRgGVjxB0W3hL4iGAGlyGR4=
x-served-by: cache-dca17732-DCA, cache-mxp6951-MXP
last-modified: Wed, 13 Oct 2021 10:46:58 GMT
server: cloudflare
x-timer: S1637146414.480228,VS0,VE0
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDi3UZyGZwC3OdD8YuOq0GpcwxwtqnmL8u7QvIeieY0cJxgec7x9jCsKypJlhp45L0qL%2BSE1KzSIDkNXBwjrRRNlRxWkL79QbY8IcyzaRDHciX2sdqpnDrL9Vcc7Qe7lx33TJRJZ1RFe8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 6b90f0fd1c005a25-MXP
x-cache-hits: 1, 2

GET
H/1.1 206
Partial Content 3xyvJ8dpBrsZ.mp4
zbbb278hfll091.bitchute.com/n78PbEkvWx2g/ Frame 3D96 47 KB
0 494ms
235ms Media
video/mp4 69.30.243.170
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/n78PbEkvWx2g/3xyvJ8dpBrsZ.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.243.170 , United States, ASN32097 (WII, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 05 Dec 2021 23:09:18 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-81934340/81934341
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 81934341

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
2 KB 50ms
49ms Image
image/webp 2606:4700:10::6816:4b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 228078
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1886
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 22 Nov 2022 17:33:03 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 6b90f0fceded59f5-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
1 KB 69ms
60ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1638745757662428801123
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68397acd96bdd6aa1b07cf156c39942bfc72809c468d06338305f2a964dc4d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b90f0fcea7b4e08-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 206
Partial Content 3xyvJ8dpBrsZ.mp4
zbbb278hfll091.bitchute.com/n78PbEkvWx2g/ Frame 3D96 15 KB
0 1508ms
1202ms Media
video/mp4 69.30.243.170
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/n78PbEkvWx2g/3xyvJ8dpBrsZ.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.243.170 , United States, ASN32097 (WII, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 05 Dec 2021 23:09:19 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-81934340/81934341
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 81934341

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 299C 68 KB
25 KB 106ms
106ms Script
application/javascript 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=290

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vnmfwb/?pub=p1k0f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cb677e5e49585993b23e98195084ba0673f7a3026338401dce3222dcf3690ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/vnmfwb/?pub=p1k0f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: br
last-modified: Wed, 20 Oct 2021 21:26:49 GMT
server: nginx
etag: W/"61708999-111af"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 XThOc.O-xb.jpg
sp.rmbl.ws/s8/6/X/T/h/O/ Frame 299C 18 KB
18 KB 10ms
9ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/X/T/h/O/XThOc.O-xb.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vnmfwb/?pub=p1k0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 06dc6aefe7acd70c73f660b180f2aac5098d010edec05d7f13467e97e22e7c8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
last-modified: Sun, 05 Dec 2021 03:15:42 GMT
server: nginx
etag: "56a00e2e1c7cbc9b51bfef3f0c505d86"
x-hw: 1638745758.cds136.fr8.hn,1638745758.cds229.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=15516
accept-ranges: bytes
content-length: 18635

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame DD26 19 B
135 B 57ms
57ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1638745757726817307762
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b90f0fd4b164e08-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 206 XThOc.caa.mp4
sp.rmbl.ws/s8/2/X/T/h/O/ Frame 299C 192 KB
0 10ms
9ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/X/T/h/O/XThOc.caa.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vnmfwb/?pub=p1k0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
last-modified: Sun, 05 Dec 2021 03:15:24 GMT
server: nginx
access-control-allow-origin: *
etag: "40c6c9195a2be04a4695a0c888bc537f"
x-hw: 1638745758.cds136.fr8.hn,1638745758.cds251.fr8.c
content-type: video/mp4
Content-Range: bytes 0-8564087/8564088
cache-control: max-age=15537
accept-ranges: bytes
Content-Length: 8564088

POST
H2 204 result Show response
www.bitchute.com/cdn-cgi/bm/cv/ Frame 3D96 0
523 B 14ms
14ms XHR
text/plain 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/cdn-cgi/bm/cv/result?req_id=6b90f0fa5ab7dffb
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b90f0fd7dc5dffb-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jk0VOaTRJ4wr9%2FkvcbhVCPIlHE4SGG6ajQZZ7AhqGSCBIK%2FIQuSggggg6gSwhOs%2B07HLjjzVLMzIUWwLoYs33wf%2FybI%2F5y0jWvq%2FK1c%2FwWbRedJ8LpEx9ovZ9icjTT0X8pYehGqs8F04F4oOHmI%3D"}],"group":"cf-nel","max_age":604800}

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D050 4 KB
2 KB 34ms
18ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 23:09:18 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D050 0
9 B 8ms
8ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?SyzYFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kxdadyu1_S8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D840
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

33ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1638745757662428801123
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Dec 2021 23:09:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sun, 05 Dec 2021 23:09:18 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame FF5B 1 KB
885 B 516ms
166ms Document
text/html 2001:df1:800:a00a:5::2
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1638745757662428801123
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:df1:800:a00a:5::2 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/

Response headers

Server: VertaMedia 1.0
Date: Sun, 05 Dec 2021 23:09:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lb5hhY3TGj9f
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=4782808940372913559&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

32ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 05 Dec 2021 23:09:18 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
412 B 153ms
85ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=lb5hhY3TGj9f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b90f0fe9c50d208-MAN
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ 95 B
456 B 43ms
19ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=lb5hhY3TGj9f&zpartnerid=1532&zdid=1532
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://beforeitsnews.com
access-control-allow-credentials: true
cf-ray: 6b90f0fe497d0625-FRA
access-control-allow-headers: *
content-length: 95

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=GtfWozC9VYFZzFW9M2SU&pi=mgid&tc=1

43 B
465 B

61ms
60ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=GtfWozC9VYFZzFW9M2SU&pi=mgid&tc=1
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b90f0feab61dfcf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=GtfWozC9VYFZzFW9M2SU&pi=mgid&tc=1
pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT, Sun, 05 Dec 2021 23:09:18 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
495 B 160ms
92ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=lb5hhY3TGj9f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b90f0fe9b36e5a3-MAN
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=c5f2aaff-6d81-4460-81ab-4f504e9339d0&ttl=1641337758

43 B
465 B

54ms
54ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=c5f2aaff-6d81-4460-81ab-4f504e9339d0&ttl=1641337758
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b90f0fefbacdfcf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=c5f2aaff-6d81-4460-81ab-4f504e9339d0&ttl=1641337758
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

RX-1bccac77-b9fa-4cb4-a585-504f2d9c6af8-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=lb5hhY3TGj9f
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lb5hhY3TGj9f
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b?zcc=1&dspret=0&cb=1638745758582
https://sync.targeting.unrulymedia.com/csync/RX-1bccac77-b9fa-4cb4-a585-504f2d9c6af8-003

43 B
395 B

14ms
13ms

Image
image/gif

213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-1bccac77-b9fa-4cb4-a585-504f2d9c6af8-003
Protocol: H2
Server: 213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 23:09:18 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-1bccac77-b9fa-4cb4-a585-504f2d9c6af8-003
pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=022f63cf-f8d3-4785-be95-01a9df67f772

43 B
465 B

97ms
97ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=022f63cf-f8d3-4785-be95-01a9df67f772
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b90f0ff0bc3dfcf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=022f63cf-f8d3-4785-be95-01a9df67f772
date: Sun, 05 Dec 2021 23:09:18 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGI1aGhZM1RHajlm&muidn=lb5hhY3TGj9f
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGI1aGhZM1RHajlm&muidn=lb5hhY3TGj9f&google_tc=
https://cm.mgid.com/google?muidn=lb5hhY3TGj9f&google_ula={guid},5&google_gid=CAESEAKjF5BSi4n6dc1bS0IoUdU&google_cver=1

0
376 B

63ms
62ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=lb5hhY3TGj9f&google_ula={guid},5&google_gid=CAESEAKjF5BSi4n6dc1bS0IoUdU&google_cver=1
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b90f0fecb7bdfcf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=lb5hhY3TGj9f&google_ula={guid},5&google_gid=CAESEAKjF5BSi4n6dc1bS0IoUdU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b
https://cm.mgid.com/m?cdsp=433145&c=7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b&gdpr=&gdpr_consent=&us_privacy=

43 B
465 B

55ms
55ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b&gdpr=&gdpr_consent=&us_privacy=
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b90f0fefbb7dfcf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b&gdpr=&gdpr_consent=&us_privacy=
Date: Sun, 05 Dec 2021 23:09:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=100de510-ebb2-4a45-946f-7507fe6a7a48

43 B
481 B

59ms
59ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=100de510-ebb2-4a45-946f-7507fe6a7a48
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b90f1029812dfcf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=100de510-ebb2-4a45-946f-7507fe6a7a48
date: Sun, 05 Dec 2021 23:09:19 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame D050 52 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 19:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Mon, 06 Dec 2021 19:02:46 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 299C 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 491
date: Sun, 05 Dec 2021 23:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Dec 2021 01:01:07 GMT

POST
H2 200 view...nmfwb.jc709f
rumble.com/l/ Frame 299C 35 B
191 B 102ms
100ms Ping
image/gif 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...nmfwb.jc709f?p=2.3&r=91622878&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vnmfwb/?pub=p1k0f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 299C 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=207203476&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4.vnmfwb%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Shocking%20Hidden%20Camera%20Footage%20from%20Inside%20Forced%20Internment%20Camps%20in%20Australia%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&_u=YEBAAEABAAAAAC~&jid=390937903&gjid=499792654&cid=1158701300.1638745758&tid=UA-44331619-1&_gid=10923974.1638745758&_r=1&_slc=1&z=1876716042

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 299C 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=207203476&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4.vnmfwb%2F&dr=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Shocking%20Hidden%20Camera%20Footage%20from%20Inside%20Forced%20Internment%20Camps%20in%20Australia%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=367x245&je=0&ec=Embed&ea=View&el=vnmfwb&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1158701300.1638745758&tid=UA-44331619-1&_gid=10923974.1638745758&z=705673648

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vnmfwb/?pub=p1k0f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 15:47:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26487
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 299C 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44331619-1&cid=1158701300.1638745758&jid=390937903&gjid=499792654&_gid=10923974.1638745758&_u=YEBAAEAAAAAAAC~&z=1177352089

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 05 Dec 2021 23:09:18 GMT
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D840 32 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 88b8317bad05fa241b8001ba25175171729b7df8d67f4f1c796e36e52a4a624e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 23:09:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22340
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9512
Expires: Mon, 06 Dec 2021 05:21:38 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D840 284 B
536 B 34ms
9ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 299C 42 B
63 B 20ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=1158701300.1638745758&jid=390937903&_u=YEBAAEAAAAAAAC~&z=1001173440

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 299C 42 B
63 B 37ms
19ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=1158701300.1638745758&jid=390937903&_u=YEBAAEAAAAAAAC~&z=1001173440

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 23:09:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 3xyvJ8dpBrsZ.mp4
zbbb278hfll091.bitchute.com/n78PbEkvWx2g/ Frame 3D96 287 KB
0 1829ms
1234ms Media
video/mp4 69.30.243.170
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/n78PbEkvWx2g/3xyvJ8dpBrsZ.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/3xyvJ8dpBrsZ/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.243.170 , United States, ASN32097 (WII, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=78905344-

Response headers

Date: Sun, 05 Dec 2021 23:09:20 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 78905344-81934340/81934341
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3028997

GET csync
sync.adtelligent.com/ Frame FF5B 0
0

GET 3xyvJ8dpBrsZ.mp4
zbbb278hfll091.bitchute.com/n78PbEkvWx2g/ Frame 3D96 0
0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D050 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kxdadyu1_S8
X-YouTube-Client-Version: 1.20211201.01.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtNOUNEQ3FHLUNYdyidjbWNBg%3D%3D
X-YouTube-Ad-Signals: dt=1638745757472&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 05 Dec 2021 23:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 05 Dec 2021 23:09:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Domain: zbbb278hfll091.bitchute.com
URL: https://zbbb278hfll091.bitchute.com/n78PbEkvWx2g/3xyvJ8dpBrsZ.mp4

Verdicts & Comments Add Verdict or Comment

305 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s2
beforeitsnews.com/	1970-01-19 23:12:34	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKySjDWD7HNSdD
.mgid.com/	1970-01-19 23:12:27	Name: __cf_bm Value: XYj04.tTq29IUS_05ml5eTxWbKzcDTA4lC1sCG5nsGE-1638745756-0-AdL2kLSJvKbSsaAEe4aTrbMAPc4fX0LD2qp4PjUBm78B66d6NeOIS8a4C3yh8VMaMB0KQ/p7DCcvcv9Q417DnUI=
beforeitsnews.com/	1970-01-20 23:12:25	Name: b4in-uuid Value: 1a681092-b790-49b3-add9-5f301c8b6633
.beforeitsnews.com/	1970-01-20 16:43:37	Name: _ga Value: GA1.2.1739459233.1638745756
.beforeitsnews.com/	1970-01-19 23:13:52	Name: _gid Value: GA1.2.1602105404.1638745756
.beforeitsnews.com/	1970-01-19 23:12:25	Name: _gat_gtag_UA_16055024_1 Value: 1
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lb5hhY3TGj9f
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ubP4mtEiEd0
.youtube.com/	1970-01-20 03:31:37	Name: VISITOR_INFO1_LIVE Value: M9CDCqG-CXw
servicer.mgid.com/	1970-01-19 23:12:26	Name: __mglb Value: b77c90ace61932b85ead847cc0fcb78b
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A1638745757427%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A1638745757429%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A1638745757424%7D%7D
.bitchute.com/	1970-01-19 23:12:27	Name: __cf_bm Value: Zu4VL3UF58Q1pw5Uip0z5.l6RPuIy48oEByBQjJ8cA4-1638745758-0-AUbUxJuQhyQdSO2lx7FoYrhB0PLL7by61YmYXEFDdjXxZyHeQSb+xLnhE7q/KDHtDGmHKkyw7StzF0y54RoNdniYRrpVHLzB7Q34nalTtHisPbDb3ee/wZZ+fjKRG8ZSUg==
.zeotap.com/	1970-01-20 07:58:01	Name: zc Value: 7cfdd960-eb8d-459b-681e-2750dbca432f
.bidswitch.net/	1970-01-20 07:58:01	Name: c Value: 1638745758
.bidswitch.net/	1970-01-20 07:58:01	Name: tuuid_lu Value: 1638745758
.bidswitch.net/	1970-01-20 07:58:01	Name: tuuid Value: 7e4f52cf-eb87-411e-bf4b-45c2f3bfae2b
.creativecdn.com/	1970-01-20 07:58:01	Name: u Value: GtfWozC9VYFZzFW9M2SU
.creativecdn.com/	1970-01-20 07:58:01	Name: ts Value: 1638745758
.e-volution.ai/	1970-01-19 23:32:35	Name: v_usr Value: 3f1b6ea4-7564-4892-9152-3f20fccfaf3a
.rumble.com/	1970-01-20 16:43:37	Name: _ga Value: GA1.2.1158701300.1638745758
.rumble.com/	1970-01-19 23:13:52	Name: _gid Value: GA1.2.10923974.1638745758
.rumble.com/	1970-01-19 23:12:25	Name: _gat_rumble Value: 1
.doubleclick.net/	1970-01-20 08:34:01	Name: IDE Value: AHWqTUmMKTqn-_TW1KhXoCdRTiPQEhsW_Fhhp-VVAdXG0tKj43GUOaZceXPjhwqF9po
.adsrvr.org/	1970-01-20 07:58:01	Name: TDID Value: c5f2aaff-6d81-4460-81ab-4f504e9339d0
.360yield.com/	1970-01-20 01:22:01	Name: tuuid Value: 022f63cf-f8d3-4785-be95-01a9df67f772
.360yield.com/	1970-01-20 01:22:01	Name: tuuid_lu Value: 1638745758
.adsrvr.org/	1970-01-20 07:58:01	Name: TDCPM Value: CAEYBSABKAIyCwiKr_ru35OcOhAFOAE.
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: lb5hhY3TGj9f
.smartadserver.com/	1970-01-20 08:42:40	Name: pid Value: 4782808940372913559
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: lb5hhY3TGj9f
.1rx.io/	1970-01-20 07:58:01	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1bccac77-b9fa-4cb4-a585-504f2d9c6af8-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 07:58:01	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1bccac77-b9fa-4cb4-a585-504f2d9c6af8-003%22%7D
.mfadsrvr.com/	1970-01-20 16:43:37	Name: tuuid Value: 100de510-ebb2-4a45-946f-7507fe6a7a48
.mfadsrvr.com/	1970-01-20 16:43:37	Name: c Value: 1638745758
.mfadsrvr.com/	1970-01-20 16:43:37	Name: tuuid_lu Value: 1638745759
.mfadsrvr.com/	1970-01-20 16:43:37	Name: ssh Value: !mgid,1638745759
cm.mgid.com/	1970-01-19 23:55:37	Name: mg_sync Value: {"287839":1638745759,"665953":1638745758}

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/1434_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS9zdG9yYWdlL3VwbG9hZHMvdmlldy80Yzg5ZjQ1OWVlMTllMzRlMGQyNDJmNTAxN2E1ZmNkZC5qcGc%3D.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://images.fineartamerica.com/images-medium-large/1-earth-sos-conceptual-image-detlev-van-ravenswaay.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.beforeitsnews.com
ad.360yield.com
ajax.beforeitsnews.com
beforeitsnews.com
bidswitch-eu.splicky.com
c.mgid.com
calabeshes.xyz
cdn.mgid.com
cdn.onesignal.com
cdn.plyr.io
cdn2.customads.co
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
customads.co
eus.rubiconproject.com
files.thehandbook.com
fonts.googleapis.com
fonts.gstatic.com
gn-journal.com
googleads.g.doubleclick.net
i.imgflip.com
i.ytimg.com
i0.wp.com
i2.wp.com
img.beforeitsnews.com
jamesredpillsamerica.com
jsc.mgid.com
justusaknight.files.wordpress.com
match.adsrvr.org
mwzeom.zeotap.com
onesignal.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
rddywd.com
rtb-usw.mfadsrvr.com
rumble.com
s-img.mgid.com
s.adtelligent.com
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
secure-assets.rubiconproject.com
servicer.mgid.com
settingbrushfires.com
sp.rmbl.ws
ssbsync.smartadserver.com
static-3.bitchute.com
static.doubleclick.net
static.wixstatic.com
stats.g.doubleclick.net
sync.1rx.io
sync.adtelligent.com
sync.e-volution.ai
sync.targeting.unrulymedia.com
tapnewswire.com
themobmuseum.org
thewashingtonstandard.com
token.rubiconproject.com
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
usermatch.targeting.unrulymedia.com
www.bitchute.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
zbbb278hfll091.bitchute.com
sync.adtelligent.com
zbbb278hfll091.bitchute.com
104.109.78.125
104.16.221.74
104.18.255.14
104.19.132.78
104.19.136.78
104.19.217.61
109.206.161.21
13.224.189.65
13.225.87.101
142.250.181.226
15.197.193.217
151.139.128.11
169.55.146.12
172.67.29.158
185.184.8.65
185.86.137.107
188.34.152.202
192.0.72.23
192.0.77.2
192.124.249.15
194.36.140.95
2.19.35.65
2001:df1:800:a00a:5::2
209.58.165.79
213.19.147.45
2600:9000:20eb:8400:1f:2f70:3e80:93a1
2600:9000:21f3:400:18:9413:7780:93a1
2606:4700:10::6816:4a8a
2606:4700:10::6816:4b8a
2606:4700:10::ac43:db6
2606:4700:20::681a:623
2606:4700:3031::6815:f08
2606:4700:3031::ac43:8303
2606:4700:3035::6815:40f1
2606:4700:3035::6815:4e23
2606:4700:3036::6815:2d1e
2606:4700:3036::6815:eb9
2606:4700::6810:135e
2606:4700::6812:e234
2a00:1450:4001:802::200e
2a00:1450:4001:809::200a
2a00:1450:4001:809::2016
2a00:1450:4001:80e::2008
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9d
3.124.200.54
34.102.176.152
35.190.30.115
35.212.212.222
54.76.172.32
69.173.144.138
69.173.144.165
69.30.243.170
89.187.169.15
012853cfcef2bad688f5ed2116f4ff1548faa27c2ac59c2f541f1ad1c1045768
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
03352225812236982c64d3e18c27cd9b838518fe92761f4b0f5899a689ef9399
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
06dc6aefe7acd70c73f660b180f2aac5098d010edec05d7f13467e97e22e7c8d
08ddeed32f8c88644905ddcd468141b8e263f60ea5fa29f74aff258fb44814f8
0b3c2e1670b85b0e763a3d78cf933b86a2b7ed451eaf520eaf1db3cc0c30b8d8
0c7c3b4e4bdb129bf2e888f8ccea26132f4488ba18b3d571a1884543ec0018d5
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f93070dd0db5e03321a0a8febdf0825d4201a7c24bf37c905a0136d1fe9f1b1
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
10fc8bb13fc53eb86f1380f39abdb19f8d6650be6ef6769a7c42be0ce64ab15b
11703f07b201e7f7f48f98eb4648e86a70e1b9dd6343faf9469084d4c07c5b51
122067111c2575ed6f0fbcf11d2b027457850702bcdec43e535984b4f4cd6891
12832ebe098f25ef816bd79b41e69f043a781f61e5a502a544f56dac1b74f988
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
135d33fda618989589e4d6f2d10fd7febe414dc38724db75a3c92710ccb9a1dc
1390f94c88445a703f4d9023421bc6368f1265a8b53acad10c29e62b04c13b96
13afaf0e9568e1b992cc20e465664c3ceeb8ed1370d9f79ec768768c5706bac2
13d5e6581b694fe4f1e1006b44f7c163da1c97d038fe9f355e400c3c5991dbe1
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
16fa06345cd1645890b48cd35add9041e2c56655a3e6c7e7da9a22b8e3c19b60
172f54577cf95e68e5ed62a7c6c618bc0e693232c3e7cb2e4b74f5d1919d0adf
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1bb5442b7663ca77c49049cbfb09d65a4cf5357a6edf7ce9baed59530a3235d9
1f261550bcc7e7bdf9fa8401496f03921ed936be6372b87f05c8793ad6047d00
20a4d7c82ded374430530fc03fb4fe04e44068b959c42f9effda0fd379a1a9a4
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
23be6b31ed7e9df325edd509b0f0e47cdb4aea28016ab74923807ac32ab6cf3b
244ff061991c518ec76060cc65d8155e30e8592a835ac2f17f08ab129a8014ba
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
27ade501ed1979a72641c4341d674b0ac8268a928ab4f256f55603fef19dc7ea
28d48667fd7948e356ea0e782d612c37238bd342e16ddc07846c072e89f27e25
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
29db4a65f8707bf37131e3e2e39deb6ae5f87c83638c0d50e756285a2e3483b2
2aaf895ef67a732e2834a745a9cf09f110bda98e833cffeec9ff99b512b58374
2bd001e850ab70345d2de50f7d8d58d250384ece64b47e2f54b1262689f8aec3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
3589de148c9d81c39a4774eaeeeddde3bd4fcb8e8a13d7ef0e0f6aa69a72524d
3697e3d917558effa3f5954febde4851eaedce36c31ba854ef067187c875829e
36eb02c91aef8c14097a1e9f74797a4010624b4e971b20a0dd0dfcb7e0bffe19
3a143c4cf0bfb3587e1053c6283374e72fe41f891ad2a4d336ca07868bf1dfde
3d35b6b8214d250481347d0a693f6a187e51724e6ab3de3dfa507c8e7aa85c0b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e8cec58c4bc87510637e9e8c3db14f915d199255be57488bc63f95de1978c91
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5eacbef8f64653af592eae02fd061cfd623a33b36ae1c761974f581f19ce7f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a8fb42d9d2dbf1126609116b476b8ee85b834226cb8437b66fed683ef38dc97
4b1e560b1a2ddae34bc52fe2a68984955e80df629f7a21c000f4f5f61d2fa09f
4bda30815e348f73188d7d41240003f4f063fbc3884cb4c255ecaa7077262a05
4bee09fc277d6ccee88223868eb868bb9fd9166e2d6163df385ddc4c07628bcc
4c3adb86cfa340f1bc98bc36d09dd5d1aad7590641f4fcf893328d1e9da6b7f0
4d6e8c545c4a5f0ef4352a0b1709c4ffecb813019825ade3b6e40c6b0b457298
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
4e535f97fe2b8929b51cf044fb4ff6a156d50308aa87096c52546db979190991
4e780584fa758498a1ec4861be2fb53eb003c201632da3ed269e32ae3fe2e695
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
53d542f8b9dd6ce9ae6c64d50b05df41737c284a8e553875525f7d391bd9b692
55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396
55e9f70315d5137933b61efcaed750749b4d9b68f35183bb43d2bb0407de8e55
566a8cf5d3957a0de0f9375fb820d013e84d7c45c70f4b78633a9216fb06e149
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5a9dcac3e7388901101be80c2cd7201d4da0ac6aa6edd7ad37120a80a529151d
5b527ae09fbd258f6bbfc9c7fffb59ac72cd7607712da06316a48f67ac4e5150
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
65c2a83f12dd71564d562882533b7f33425641afb960bf5c7c3302c7fbbb31d3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68397acd96bdd6aa1b07cf156c39942bfc72809c468d06338305f2a964dc4d83
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6a8c9e2a5fd99b9fca9b06e29d2f8cfe449f4b7edadf601fb5e73e295b06ecdd
6b12326de41dc70e116c8d2e6b1a4f5dc046a00408aefa7b9324ac48947f51ac
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
6c289e80358488e36c4ec5fcc2e0d3026997f15c3a09ac114ba3fe103243c1f4
6c5472b311cc5cb731d6d9ded2dc1ef1143e97e79a444dd85e58cbb199f1fe62
6d1da18bcbaa7c9281f213e1815476a74289e661714323d7b59df17706969d08
6dd2300a56c578e0c2db2408fb58a021317d7011c2aeb02e3c2cbc84ac68e965
702de11075fdf5eb3ffa59d162caf176be6d22d68f103c9e78eb7a98b361ac39
708e15f646a4a88e3398f55ae92a59a527aeeff35f3a801ba5e575aa1a2ea038
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74bd1062da373eabae4c6bb2e0da3831272ca2b25ac3a19649b65dd188bd5fe8
74fd0b368c70734786ff0c51dc8776101dd5002bc34154a984c45b69cdcf4d3a
76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05
782ef29569e93e3b8fadc63d39ecb0caddec52f88949d983e687da2d4670c2f9
783b11bfa540c0e45744dc3e1f2a821ea3b8970ee49844dfff6e3dfe2a342d33
792eac0229feb28394d8233755765505295a8455b03f04f01c0b9b79c23a7cb9
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7c787e0230d13d870a35443cc505f92c6b2a8525b82001738508fbdb2bc5e981
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
81d67e9a3cad9781233afbf27d9ec1d076970de1fca7dc144570e28b9f5dfec7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833d423b290e70d48aadfca6d92874ba0291c5b4381f48784e9b75da3a495bcb
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85437b8ffd781ef6903dd53e8dab98891850565392975e27e2aa96712636ab25
8611f2cf6538047cb0a886ab8950c3bf5c16def2711c83f70bb44814e31136d2
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87ce04f323b56e0077f048d5374f6d216ffecf9194e0a0bd6adba77606e3d634
88b8317bad05fa241b8001ba25175171729b7df8d67f4f1c796e36e52a4a624e
8af2195fcac118f7d676d530138224758fdd5d96f0fbcf4eec669c6a71556216
8bd4a9f952e5929601bd170da52e68f0e6313e954091cd5a87c10fdda17979e9
8c327aba01e1e5de409a666d148ca4eda028174fd38e844fe4cb82b7c51264bd
8c6b9a83f42cb144aa389cd13ebf0d3349818b28170449f11813094ae2492c21
8d934219b75abb39d893ae70d014805263cb664fbab55dc33862a7413ee4a015
8f90aeb95b1d3ed85741aa83d086e4503d7c5103c0bdf4f0d767e6898126dff1
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
92c90a9fad411e1735a51e42c34537725149bf0962aa30d593fe5f311be8d1bc
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
96a23deb7cdd1e1829b2d86f64fca928ae5eddf6eb7813f5b4c51c701f6d4a12
978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54
9793f17ab3657d2736ec871d5b64f0c169515e7cd296ad7fe2f584b0d2ed547f
983eec036059654e2dcefa62f6049eec38d82389a1b2f12b688e998b2058e79e
9ba823321e38e5f4779f44c98e8f83c386d99654d01027a2f5c968a2d1f64d50
9cb276848f1747180c28532101148c4cdef1b525144ba50efacbeac334bcfa61
9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6
9e6a770c6422eb74abd4c7a1fd91bc024d5e2443b4ce6f167104cd78fd6f615b
a0f49beed6244d72093b602daf1587dbd93a8233f63d44049f22806c62ce0e1a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2126a368cc26e458e97873730c9e2f06aa989455f9d7b6865a1cc92ba3b71fc
a6d733390f4d6498b8566141002b44e9cdf41fbe5315e83e1a4c51b0eca115bb
a76e65ae0607cefdbd69fff9b443311c3ec73ff819f533febf825dacc47a05c5
a98dc27d25832bf8dd864fbec7b475d5dddd5bd2fcc1bd9340f828c3e63d721a
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7eeffc61d90c1030194bbc17ca81bcbe216ec5e17eef05bfdd15a321e980a4
aa90da79647e21e3e61a0d71b1a874ffa41104d2ef2c81fb7659f59633f6948a
aabc91c1ee1c5d1520a54cd7cf0560248f22e3dd57e2b144fce98f741e0266e6
aacb1545fbd9b5a5175f2c6c57625a2b5a5ce6ade690aab3a96cb9077f42ca24
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3270617dabb97efd12c8a69d7e63f735a7c54b82853166a93a0e27f2f22cc90
b41a067e2b2e92a067c64e4198a0eacbfe70bcd2ed479cf9930885ecafee5d8d
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
b490a6c430de9a31ecf47b07ae1463109429c78b777c013d8cab36598d5b7e1d
b6491c1c3368cd82fa081c2bb6202e22001ff595b7caa7e95f05046aa1fa2fb2
b809ff5643e5c977caf5bcec6227dfcfb2fc2777f1372f3474df4d336e5868d3
b857cfbe52d936d0824612351bb35505373cb156799bd45aec58330cf718b7a7
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba2ec1f0e483b39c4f96db14778f55eceafa2ef67aa2b49c532a2cb24a52377b
ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691
ba8bc161394d0f1fd1a2117405b99c2ff97fdd2bbf274310faeeba1f4129b1d8
bcced6b6e339342e818f82c21b6b6c8ea8fcce9b944588031a2475882ddd7c4e
bdac3b2e717d6b9c56e993749d915b26847520b8bd7dfb90d1f9089fffe09e29
c01eec6198c03f1b01119afde4ae1eea53455dcc66c255933171f30a4aedb079
c476d5d5a9cce342a54743c0e1ca48b35f00e664f4d0994264b825ded4054050
c6269d2148729d811cc8a9dfd7e7556e95d89b2c0f3e1b11d87eccb6942cabe7
c76804380e76ce0bdfdcec92668d1abe0d1d5d366abfe6bfa28446386aa17705
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cb677e5e49585993b23e98195084ba0673f7a3026338401dce3222dcf3690ec5
cd2d4bdaf18049566ddbea50747415d614bbc8cac04ca8f9b2516095060196ee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf906c4b69cf1b00a1becc05ea041313b9c0ef297e990812aaa7e6b60f15437e
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d0d0c846c3fb83999d5d8152ce19308e4c2e697f49d3ed84a8666c3be9e88307
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d34a06bcb15ea477cd15f71108f36d9a1aedcd94b34e369780bf30e99459bd13
d4e3097be52df170165cbb68d5a1379417b4e5166ac82cd02522b69c3a30a9f2
d555499c45e53432bd0e9daa2e950048b05b30d97e8eae780e26d0c17abf13b3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3
da8688a50b98af6cfcb106a460d4371795eed39b580da7672083e79149c6f3f9
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc7552eae9d36030749cecb1997787d39b266dafc55c2ad5fe59e1db6d9f391
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dfa28c2c88fd72b39193184310f6df13671b744b8878d05091bd7194cfe3f186
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e458ff75561b2872dbd173c2a77278f24cfdcce1391cb4ac9ef429a14563e438
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e629797e2cd0c2d6350e79713166f3f36a509991b69c92d79b6b10352a74a313
e708372195ae32160ef83b134b09c48880408b1944078b1e1657fa9dd58ec13d
e895dda0e1d7c64c44b44484fdfd8af0c99e515f3c1d0199198b4f98ad6bfdc2
ea458702257f22018fe73b697cb642f14b703e88823f77f1b1966bb9a4b90770
ecd6ff6114c79556c772b3a7f40c7f626c0d6541d6d9e5f8a5f6ddb83667fda1
ed2509102e99fc8a08dc044266ff34c1ada28944b67931c889bc4e2736e0c37b
ed390e84c9cbc129328c6da9ead576f839b6fec67eb9ace1b32740f4641953a5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f284fa51d6f09c1e0133f438bca834a3ddda95a9f9543a869a896a451f7eb48c
f3ae716d4a68a4fbfa3c701795becc587bbb0c6ada0286fc99fa726a2f5268fa
f3f190da7120996ee84acce8094248dfcfd785fb7ef0fd198c457ab66d27d00f
f455f6b8ef0acbf9a66b8e2ac50b5801c05ae9ec2ca74f0825696c771d5d6c58
f7934a6c4525d44dca72ac96a2c33de26df51c81e4ce131c806cbbf9f50aa18d
f7b10d2d1abae88769ccb1e9bc1436c2e4c16d0942b3b5f373188bf261f5af22
f810b28de9346b9574fca0b9a15f4acc101e7f20d6863fe3ff86f3badf1f1a45
fd2b79e4e02fcb91b547efb348900055a138ccc7e5b0c80b78acc1e7fda57ea5
fd3b6ce4411c8cbbb668621aa4c93f279233372fcccd7516e3a228b161d95374

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4b8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

232 Requests

95 %HTTPS

49 %IPv6

49 Domains

77 Subdomains

55 IPs

11 Countries

8820 kBTransfer

14208 kBSize

38 Cookies

32 Outgoing links

Page URL History

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4b8a Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

95 %
HTTPS

49 %
IPv6

49
Domains

77
Subdomains

55
IPs

11
Countries

8820 kB
Transfer

14208 kB
Size

38
Cookies

232 HTTP transactions
2 data transactions