beforeitsnews.com Open in urlscan Pro
172.67.141.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://m.beforeitsnews.com/
Effective URL:
https://beforeitsnews.com/
Submission: On November 26 via api (November 26th 2024, 2:28:41 am UTC) from US — Scanned from US

Summary HTTP 242 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 62 IPs in 7 countries across 63 domains to perform 242 HTTP transactions. The main IP is 172.67.141.76, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 337956.
TLS certificate: Issued by WE1 on October 15th 2024. Valid for: 3 months.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 55	172.67.141.76 172.67.141.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1 27	104.19.131.76 104.19.131.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:3f99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.41.4 142.251.41.4	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:247... 2600:9000:2479:c600:18:9413:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
4	142.250.72.99 142.250.72.99	15169 (GOOGLE) (GOOGLE)
3	207.5.199.200 207.5.199.200	399647 (RUMBLE) (RUMBLE)
4	104.16.71.101 104.16.71.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1a0... 2400:52e0:1a00::941:1	200325 (BunnyCDN ...) (BunnyCDN BUNNYWAY)
1	192.124.249.109 192.124.249.109	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
5	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:8d4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.40.227 142.251.40.227	15169 (GOOGLE) (GOOGLE)
3	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
1	205.220.231.24 205.220.231.24	396998 (PATH-NETWORK) (PATH-NETWORK)
2	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
17	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
2	172.67.138.44 172.67.138.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.176.200 142.250.176.200	15169 (GOOGLE) (GOOGLE)
3 3	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
3	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
4	172.64.153.183 172.64.153.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.19.130.76 104.19.130.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:90c0:999... 2a03:90c0:9996::9996	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
1	2600:141b:1c0... 2600:141b:1c00:30::1739:5a6f	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
7	172.240.45.75 172.240.45.75	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1 2	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	2606:4700::68... 2606:4700::6812:1ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.222.239.230 51.222.239.230	16276 (OVH OVH SAS) (OVH OVH SAS)
2 2	23.205.2.235 23.205.2.235	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.195.94.138 23.195.94.138	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1 1	207.65.37.184 207.65.37.184	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	207.65.37.182 207.65.37.182	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	104.18.164.66 104.18.164.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	125.253.89.180 125.253.89.180	19437 (SS-ASH) (SS-ASH)
6 6	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	121.127.42.98 121.127.42.98	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1 1	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd)
1 1	80.77.87.163 80.77.87.163	46636 (NATCOWEB) (NATCOWEB)
1 2	44.196.77.126 44.196.77.126	14618 (AMAZON-AES) (AMAZON-AES)
3 10	54.198.143.18 54.198.143.18	14618 (AMAZON-AES) (AMAZON-AES)
2 2	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 3	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.67.191.172 172.67.191.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2607:f350:3:2... 2607:f350:3:2569:0:10:0:c	27630 (AS-XFERNET) (AS-XFERNET)
2	35.211.202.130 35.211.202.130	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	23.83.76.53 23.83.76.53	395954 (LEASEWEB-...) (LEASEWEB-USA-LAX)
3 3	34.200.2.144 34.200.2.144	14618 (AMAZON-AES) (AMAZON-AES)
1	37.157.2.230 37.157.2.230	198622 (ADFORM Ad...) (ADFORM Adform A/S)
2 2	148.251.40.153 148.251.40.153	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	35.245.40.102 35.245.40.102	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	23.44.136.174 23.44.136.174	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	172.240.45.81 172.240.45.81	7979 (SERVERS-COM) (SERVERS-COM)
15 19	162.19.138.117 162.19.138.117	16276 (OVH OVH SAS) (OVH OVH SAS)
1	162.19.138.116 162.19.138.116	16276 (OVH OVH SAS) (OVH OVH SAS)
1 1	3.222.253.102 3.222.253.102	14618 (AMAZON-AES) (AMAZON-AES)
3	172.240.45.96 172.240.45.96	7979 (SERVERS-COM) (SERVERS-COM)
1	23.51.57.13 23.51.57.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.240.45.70 172.240.45.70	7979 (SERVERS-COM) (SERVERS-COM)
1	34.36.214.49 34.36.214.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	50.16.216.198 50.16.216.198	14618 (AMAZON-AES) (AMAZON-AES)
2 2	50.16.11.35 50.16.11.35	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.224.234.232 54.224.234.232	14618 (AMAZON-AES) (AMAZON-AES)
2 2	107.20.94.136 107.20.94.136	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
17	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
1	107.22.72.237 107.22.72.237	14618 (AMAZON-AES) (AMAZON-AES)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1 1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2006	15169 (GOOGLE) (GOOGLE)
242	62

55 172.67.141.76 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

m.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.19.131.76 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tradingview-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2016 (United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:3f99 (United States)

ASN13335 (CLOUDFLARENET, US)

nerangee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.41.4 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2479:c600:18:9413:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.72.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.5.199.200 (Canada)

ASN399647 (RUMBLE, US)
PTR: 207-5-199-200.rumble.cloud

1a-1791.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.71.101 (None, )

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::941:1 (Chicago, United States)

ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI)

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.109 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10109.sucuri.net

timothycharlesholmseth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:8d4c (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.227 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.220.231.24 (Phoenix, United States)

ASN396998 (PATH-NETWORK, US)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.138.44 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.200 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200e (United States) 3 redirects

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.153.183 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.130.76 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE G-Core Labs S.A., LU)

video-native.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:30::1739:5a6f (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.240.45.75 (United States)

ASN7979 (SERVERS-COM, US)

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.34 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hde.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

usync.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.239.230 (Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.2.235 (Piscataway, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.195.94.138 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-94-138.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.28.7.82 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.226 (Queens, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.184 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.182 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.164.66 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 125.253.89.180 (United States) 6 redirects

ASN19437 (SS-ASH, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.160.114 (Colonia, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.127.42.98 (Ashburn, United States) 1 redirects

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-121-127-42-98.datapacket.com

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.163 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.196.77.126 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-77-126.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.198.143.18 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-143-18.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.191.172 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.rtbsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f350:3:2569:0:10:0:c (United States) 3 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.83.76.53 (Los Angeles, United States) 1 redirects

ASN395954 (LEASEWEB-USA-LAX, US)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.200.2.144 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-2-144.compute-1.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.230 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.40.153 (Germany) 2 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.153.40.251.148.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.245.40.102 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 102.40.245.35.bc.googleusercontent.com

visitor-mgid.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.44.136.174 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-44-136-174.deploy.static.akamaitechnologies.com

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.45.81 (United States)

ASN7979 (SERVERS-COM, US)

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 162.19.138.117 (Frankfurt am Main, Germany) 15 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.253.102 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-253-102.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.240.45.96 (United States)

ASN7979 (SERVERS-COM, US)

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.45.70 (United States)

ASN7979 (SERVERS-COM, US)

s2s.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com

pa.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.216.198 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-216-198.compute-1.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.11.35 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-11-35.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.234.232 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-234-232.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.20.94.136 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-94-136.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.72.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-72-237.compute-1.amazonaws.com

na-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

dis.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	beforeitsnews.com 2 redirects m.beforeitsnews.com — Cisco Umbrella Rank: 715516 beforeitsnews.com — Cisco Umbrella Rank: 337956 a1.beforeitsnews.com — Cisco Umbrella Rank: 571963 ajax.beforeitsnews.com — Cisco Umbrella Rank: 413515	1 MB
31	mgid.com 1 redirects jsc.mgid.com — Cisco Umbrella Rank: 9340 c.mgid.com — Cisco Umbrella Rank: 7409 cdn.mgid.com — Cisco Umbrella Rank: 11787 servicer.mgid.com — Cisco Umbrella Rank: 9455 s-img.mgid.com — Cisco Umbrella Rank: 9960 video-native.mgid.com — Cisco Umbrella Rank: 188800 cm.mgid.com — Cisco Umbrella Rank: 1718	275 KB
20	id5-sync.com 15 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com — Cisco Umbrella Rank: 533	55 KB
20	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 translate.googleapis.com — Cisco Umbrella Rank: 912 www.googleapis.com — Cisco Umbrella Rank: 26 imasdk.googleapis.com — Cisco Umbrella Rank: 506	220 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	67 KB
16	aniview.com player.aniview.com — Cisco Umbrella Rank: 2154 track1.aniview.com — Cisco Umbrella Rank: 5887 go1.aniview.com — Cisco Umbrella Rank: 7319 sync.aniview.com — Cisco Umbrella Rank: 1676 s2s.aniview.com — Cisco Umbrella Rank: 15045	312 KB
13	360yield.com 5 redirects match.360yield.com — Cisco Umbrella Rank: 2935 ad.360yield.com — Cisco Umbrella Rank: 800 ice.360yield.com — Cisco Umbrella Rank: 2446 na-ice.360yield.com — Cisco Umbrella Rank: 6340	8 KB
10	pubmatic.com 8 redirects image8.pubmatic.com — Cisco Umbrella Rank: 684 image2.pubmatic.com — Cisco Umbrella Rank: 886 image4.pubmatic.com — Cisco Umbrella Rank: 1437 simage2.pubmatic.com — Cisco Umbrella Rank: 920 ads.pubmatic.com — Cisco Umbrella Rank: 570 image6.pubmatic.com — Cisco Umbrella Rank: 983	5 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	268 KB
8	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3 translate.google.com — Cisco Umbrella Rank: 1113 analytics.google.com — Cisco Umbrella Rank: 142	33 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
6	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	6 KB
6	a-mo.net 6 redirects prebid.a-mo.net — Cisco Umbrella Rank: 788	3 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 cm.g.doubleclick.net — Cisco Umbrella Rank: 284 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	3 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5669 onesignal.com — Cisco Umbrella Rank: 1761	83 KB
4	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1060 eus.rubiconproject.com — Cisco Umbrella Rank: 616	297 B
4	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 14805	1 MB
4	imgflip.com i.imgflip.com — Cisco Umbrella Rank: 45054	324 KB
4	customads.co cdn2.customads.co — Cisco Umbrella Rank: 109906 customads.co — Cisco Umbrella Rank: 77806	4 KB
3	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 780	1 KB
3	sonobi.com 3 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 915	2 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 854 idsync.rlcdn.com — Cisco Umbrella Rank: 476	1 KB
3	creativecdn.com 3 redirects creativecdn.com — Cisco Umbrella Rank: 544	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	179 KB
3	youtube.com img.youtube.com — Cisco Umbrella Rank: 1700 www.youtube.com — Cisco Umbrella Rank: 79	156 KB
3	1a-1791.com 1a-1791.com — Cisco Umbrella Rank: 25560	106 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	1 KB
2	gumgum.com 2 redirects rtb.gumgum.com — Cisco Umbrella Rank: 1533	441 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 615	846 B
2	richaudience.com 2 redirects sync.richaudience.com — Cisco Umbrella Rank: 1624	593 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 393	256 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 10343	786 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 732	1 KB
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1141	1 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 712
2	tynt.com 1 redirects de.tynt.com — Cisco Umbrella Rank: 1582 hde.tynt.com — Cisco Umbrella Rank: 4007	630 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 192515	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	17 KB
1	criteo.com 1 redirects dis.eu.criteo.com — Cisco Umbrella Rank: 8562	534 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 899	485 B
1	openx.net pa.openx.net — Cisco Umbrella Rank: 3484
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	289 B
1	omnitagjs.com 1 redirects visitor-mgid.omnitagjs.com — Cisco Umbrella Rank: 21405	426 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1505	475 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 775	326 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 805	633 B
1	rtbsystem.com 1 redirects cm.rtbsystem.com — Cisco Umbrella Rank: 4990	974 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1018	546 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3618	555 B
1	casalemedia.com 1 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1646	882 B
1	a-mx.com 1 redirects id.a-mx.com — Cisco Umbrella Rank: 1660	647 B
1	idealmedia.io 1 redirects cm.idealmedia.io — Cisco Umbrella Rank: 14603	465 B
1	ingage.tech usync.ingage.tech — Cisco Umbrella Rank: 8492
1	33across.com 1 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 914	558 B
1	rumble.com rumble.com — Cisco Umbrella Rank: 23921
1	tradingview-widget.com www.tradingview-widget.com — Cisco Umbrella Rank: 27723
1	timothycharlesholmseth.com timothycharlesholmseth.com	44 KB
1	bitchute.com static-3.bitchute.com — Cisco Umbrella Rank: 277622	15 KB
1	nerangee.com nerangee.com — Cisco Umbrella Rank: 629874	6 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	11 KB
1	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 16886	5 KB
242	63

	Domain	Requested by
52	beforeitsnews.com	1 redirects beforeitsnews.com
19	id5-sync.com	15 redirects cdn.id5-sync.com beforeitsnews.com
17	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
17	pagead2.googlesyndication.com	nerangee.com imasdk.googleapis.com
16	cm.mgid.com	1 redirects jsc.mgid.com beforeitsnews.com
8	ad.360yield.com	2 redirects player.aniview.com beforeitsnews.com
7	track1.aniview.com	beforeitsnews.com player.aniview.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com beforeitsnews.com
6	ib.adnxs.com	6 redirects
6	prebid.a-mo.net	6 redirects
5	image8.pubmatic.com	4 redirects beforeitsnews.com
4	player.aniview.com	jsc.mgid.com player.aniview.com
4	cl.imghosts.com	beforeitsnews.com
4	servicer.mgid.com	jsc.mgid.com
4	c.mgid.com	beforeitsnews.com
4	www.gstatic.com	www.google.com translate.googleapis.com www.gstatic.com
4	i.imgflip.com	beforeitsnews.com
4	fonts.gstatic.com	fonts.googleapis.com beforeitsnews.com
4	www.google.com	beforeitsnews.com www.gstatic.com
3	sync.aniview.com	player.aniview.com
3	ap.lijit.com	3 redirects
3	sync.go.sonobi.com	3 redirects
3	match.360yield.com	2 redirects beforeitsnews.com
3	creativecdn.com	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	s-img.mgid.com	beforeitsnews.com
3	analytics.google.com	3 redirects
3	onesignal.com	cdn.onesignal.com
3	customads.co	cdn2.customads.co
3	www.googletagmanager.com	beforeitsnews.com www.google-analytics.com
3	1a-1791.com	beforeitsnews.com
2	pixel.tapad.com	2 redirects
2	match.adsrvr.org	2 redirects
2	rtb.gumgum.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	sync.richaudience.com	2 redirects
2	px.ads.linkedin.com	1 redirects beforeitsnews.com
2	x.bidswitch.net	beforeitsnews.com
2	id.rlcdn.com	1 redirects beforeitsnews.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	ps.eyeota.net	1 redirects beforeitsnews.com
2	eus.rubiconproject.com	cm.mgid.com player.aniview.com
2	secure-assets.rubiconproject.com	2 redirects
2	onetag-sys.com	cm.mgid.com player.aniview.com
2	cdn.mgid.com	beforeitsnews.com
2	rddywd.com	nerangee.com beforeitsnews.com
2	www.youtube.com	beforeitsnews.com
2	cdn.onesignal.com	beforeitsnews.com cdn.onesignal.com
2	m.beforeitsnews.com	1 redirects beforeitsnews.com
1	s0.2mdn.net	imasdk.googleapis.com
1	securepubads.g.doubleclick.net	imasdk.googleapis.com
1	image6.pubmatic.com	1 redirects
1	dis.eu.criteo.com	1 redirects
1	na-ice.360yield.com	beforeitsnews.com
1	sync.ipredictive.com	1 redirects
1	ice.360yield.com	1 redirects
1	pa.openx.net	player.aniview.com
1	s2s.aniview.com	player.aniview.com
1	ads.pubmatic.com	player.aniview.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	go1.aniview.com	player.aniview.com
1	visitor-mgid.omnitagjs.com	1 redirects
1	cm.adform.net	beforeitsnews.com
1	ssbsync.smartadserver.com	1 redirects
1	pippio.com	1 redirects
1	idsync.rlcdn.com	1 redirects
1	cm.rtbsystem.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	simage2.pubmatic.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	ssum.casalemedia.com	1 redirects
1	id.a-mx.com	1 redirects
1	cm.idealmedia.io	1 redirects
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	usync.ingage.tech	cm.mgid.com
1	hde.tynt.com	cm.mgid.com
1	de.tynt.com	1 redirects
1	ssc-cms.33across.com	1 redirects
1	cdn.id5-sync.com	jsc.mgid.com
1	video-native.mgid.com	jsc.mgid.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.googleapis.com	beforeitsnews.com
1	translate.googleapis.com	translate.googleapis.com
1	rumble.com	beforeitsnews.com
1	www.tradingview-widget.com	s3.tradingview.com
1	ajax.beforeitsnews.com	beforeitsnews.com
1	a1.beforeitsnews.com	beforeitsnews.com
1	img.youtube.com	beforeitsnews.com
1	timothycharlesholmseth.com	beforeitsnews.com
1	static-3.bitchute.com	beforeitsnews.com
1	cdn2.customads.co	beforeitsnews.com
1	translate.google.com	beforeitsnews.com
1	nerangee.com	beforeitsnews.com
1	i.ytimg.com	beforeitsnews.com
1	s3.tradingview.com	beforeitsnews.com
1	jsc.mgid.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
242	100

This site contains links to these domains. Also see Links.

Domain
herbanomics.com
www.tradingview.com
www.herbanomics.com
forum.beforeitsnews.com
www.youtube.com
widgets.mgid.com
www.mgid.com
biodynamix
www.braintuner.com
puravive
sightcare
suncoastsciences
telegram.org
t.me

Subject Issuer	Validity	Valid
beforeitsnews.com WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
mgid.com WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
*.tradingview.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-11` - `2025-11-10`	a year	crt.sh
edgestatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
nerangee.com WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.customads.co Amazon RSA 2048 M03	`2024-07-30` - `2025-08-28`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.1a-1791.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-06` - `2025-08-05`	a year	crt.sh
i.imgflip.com WE1	`2024-10-28` - `2025-01-27`	3 months	crt.sh
static-3.bitchute.com R11	`2024-11-06` - `2025-02-04`	3 months	crt.sh
timothycharlesholmseth.com Go Daddy Secure Certificate Authority - G2	`2024-06-23` - `2025-06-23`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
customads.co WR3	`2024-11-23` - `2025-02-21`	3 months	crt.sh
*.tradingview-widget.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-03-19`	8 months	crt.sh
*.rumble.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-10`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
rddywd.com WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cl.imghosts.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2024-09-12` - `2025-10-14`	a year	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2024-08-17` - `2025-08-20`	a year	crt.sh
id5-sync.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2024-08-01` - `2025-08-11`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-23` - `2024-12-21`	3 months	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
pa.openx.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-06-15` - `2025-07-14`	a year	crt.sh

This page contains 58 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: B63C60DDB0D4FD3E2242DA02167CC73B
Requests: 164 HTTP requests in this frame

Frame: https://beforeitsnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: 0D99679F66EFB796373A35CAA1C52713
Requests: 2 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=2365&embed_type=7&embed_frame_container_type=3
Frame ID: 8E82AD334D83B9D2878041667D57E154
Requests: 1 HTTP requests in this frame

Frame: https://customads.co/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=4232&embed_type=7&embed_frame_container_type=3
Frame ID: 4CC072B13D24B5AC13406F5C092E8C8D
Requests: 1 HTTP requests in this frame

Frame: https://customads.co/lad/9777028388081510?pubid=ld-6512-6157&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=4232&embed_type=7&embed_frame_container_type=3
Frame ID: BFB2A2799C53B2471AE7280FE313245C
Requests: 1 HTTP requests in this frame

Frame: https://www.tradingview-widget.com/embed-widget/ticker-tape/?locale=en
Frame ID: 4E25A018062FE4ABF484C5C7A2A04BE2
Requests: 1 HTTP requests in this frame

Frame: https://rumble.com/embed/v5qrvct/?pub=hw409
Frame ID: DDD130D9EF5D565642170C2DD441EE17
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ogXo7X2pt2s
Frame ID: 9C161FC16D04F5A666A861509C4850EF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YqCruUbpsk4?si=ShWbPJOx2zN-Zjy-
Frame ID: B8402A5B363B97A9147CFF6B3133000F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&co=aHR0cHM6Ly9iZWZvcmVpdHNuZXdzLmNvbTo0NDM.&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=5yjvgw96vtz5
Frame ID: 0BB54AD39F278DCC6E09A46829E06607
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3C8035FC418DFC4B1109958549FC79D4
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/m=el_main_css
Frame ID: E646B36B72E1D87B351904C76484A392
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-X6HC1RQLPR&gacid=1212335341.1732588111&gtm=45je4bk0v9134588528za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2132492497
Frame ID: 5EC551D2351D4618E76EE769010560CA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh
Frame ID: C419DC822F5E932A7E022E9480CBA57E
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Frame ID: AB8EEA0BE2CC4006E29BE81C9CF40CE9
Requests: 1 HTTP requests in this frame

Frame: https://usync.ingage.tech/?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834146%26c%3D%24UID
Frame ID: ADFEBE6127E41543C958A0D7835CE494
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: EA37199A480FB4FDCED2A6742D2DF392
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 529CC7E37B1BCF5BCBBC823C4592B70D
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Frame ID: DFF2033F373AA7BE2FC60B5C623D00F5
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 4A19422728A763300243E7DB5B84AA02
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=22&key=93f5ca43-afec-4a57-8008-46a66bf12883
Frame ID: 94D60A5E0597EC7F6BA8B12F01C2580B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1732588112697-172027211197-000826-013-005183%26biddername%3D1%26key%3D
Frame ID: 1AB588ECF85BC2B1751DE900F7B193E3
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 68A4B87493CC4586755162E9870C2366
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=18&key=Jup0ALZH0Gb3m-OAT4md179-
Frame ID: CB83DBBAD1F3887BD4B6B2AE4DAF9764
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: BEF63C4C0B7D87A50F4F5902A90B9D3D
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 0D5ECE9DEE2C0E2A134D6C1E8E59FDAD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 7EE89244601E1B28B809CFA37ECF0577
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: F54F29D4005B24F6C7CE5A98C3E60F78
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 127C387A6805449CB02969577A71DB82
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: C4D0AC26F81CDFA4B19D1E1E14BC4AD7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: C7B2DD0E611CBA646D6E29418C4E6DCC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EB117FCC1F551BE59A413431D75FDE4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F38E467F2813CD75C422282B45980BB2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 690E2E66BF9946F353C3EF542A5AE7BE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AE4555CC88101C13177A8F545D38B253
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 216D6A9F46E4E93AA0049F82ED733E87
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: F904BB264E43E8F2611911679AE91C77
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 99C299DDB5399FD5C707F3BC07C454DD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 71589A3749DD0DF62ACC57975E464D9E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F9C86216BCA17533FAAE4002B38E941D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 786742CDCBC51EDD0BDB97AB21EF3FDE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9081B17301313129D48B2EC3D501BD77
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 2B70FD949B2413E1E802FC7D58738079
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A7CB67EE2C29781BE47630CF5D446C82
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: EF576AE833548CF3E47251F93AC80B8B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 903729104F71F3FABFDF6555373024C9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 9E411E13E9BC54B55F0EF6F06EDD245F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0ADA88C855723CABC6D1F1E440497DC4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: F37449CE7B064C7D20D2ABD51FAFCB27
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E7A71A1E5EEBA6CB182BE20E3C0DAF94
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 9BF6BA97CBC029C6FBC4668159ACB4E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D54CB248104F49CC49FAE61AB13F66DF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 5F14738FAB0B7E937B2D20C0570BA7AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 78AD50E79295BDCA5527F378443FBE13
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: F560787893A490C197B7270634F172F8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4B0298EE50EA6FFFF1DFFEEA0389FC94
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 5E5EB10BA628BA596BEB9B3E96BEAA31
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 48B392F207879AFBB291F53CCC7E0553
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before It's News | People Powered News

Page URL History Show full URLs

https://m.beforeitsnews.com/ HTTP 302
http://beforeitsnews.com/ HTTP 307
https://beforeitsnews.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

242
Requests

81 %
HTTPS

27 %
IPv6

63
Domains

100
Subdomains

62
IPs

7
Countries

4447 kB
Transfer

8564 kB
Size

207
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://herbanomics.com/collections/all
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/?utm_source=beforeitsnews.com&utm_medium=widget_new&utm_campaign=ticker-tape
Title: Ticker Tape

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/accelerated-probiotic-complex-1

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/lions-mane-whole-mind-nootropic-blend

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://herbanomics.com/products/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720413

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://biodynamix/Suffering_From_Arthritis_Restore_Your_Joints_In_5_Days_With_This

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/

Search URL Search Domain Scan URL

URL: https://www.herbanomics.com/products/humic-fulvic-liquid-trace-mineral-complex

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://puravive/Cardiologists_How_Older_Women_Are_Losing_Weight_Quickly

Search URL Search Domain Scan URL

URL: https://puravive/This_Cheap_Recipe_Eliminates_Fat_From_The_Abdomen_In_A_Few_Days

Search URL Search Domain Scan URL

URL: https://sightcare/Glaucoma_And_Cataract_Disappear_Vision_Returns_99.7_In_6_Days

Search URL Search Domain Scan URL

URL: https://suncoastsciences/Costco_Shoppers_Say_This_Wrinkle_Cream_Is_

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720415

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://m.beforeitsnews.com/ HTTP 302
http://beforeitsnews.com/ HTTP 307
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://beforeitsnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://beforeitsnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

Request Chain 117

https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je4bk0v9134588528za200&_p=1732588109815&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-us&sr=1600x1200&cid=1212335341.1732588111&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sid=1732588111&sct=1&seg=0&en=page_view&_fv=2&_ss=2&_c=1&_ee=1&tfd=2212 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=16756617193115734359&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F

Request Chain 120

https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je4bk0v9134588528za200&_p=1732588109815&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-us&sr=1600x1200&cid=1212335341.1732588111&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=2&dl=https%3A%2F%2Fbeforeitsnews.com%2F&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sid=1732588111&sct=1&seg=1&en=page_view&_c=1&_ee=1&_et=37&tfd=2259 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=4631826523964094093&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F

Request Chain 121

https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je4bk0v9134588528za200&_p=1732588109815&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-us&sr=1600x1200&cid=1212335341.1732588111&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=3&dl=https%3A%2F%2Fbeforeitsnews.com%2F&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sid=1732588111&sct=1&seg=1&en=page_view&_c=1&_ee=1&_et=1&tfd=2289 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=14379166718986805167&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F

Request Chain 142

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X HTTP 302
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X HTTP 307
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1

Request Chain 145

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 146

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjcxMjhEMTUtRjJDRS00MDQ0LTkyNDItMTkzNTBFNEU1NThD&gdpr=0&gdpr_consent=&google_cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIkk6wNK8kwRKFPhbcdvrTg&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3DB7128D15-F2CE-4044-9242-19350E4E558C HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=B7128D15-F2CE-4044-9242-19350E4E558C

Request Chain 147

https://cm.idealmedia.io/i.gif?muidf=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy= HTTP 307
https://cm.mgid.com/i.gif?muidf=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy= HTTP 307
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F31342%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43eb-8e21-ed14914cfb97%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F31342%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D1b8efe92-5857-43eb-8e21-ed14914cfb97%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2524UID HTTP 302
https://prebid.a-mo.net/cchain/0/31342?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=1b8efe92-5857-43eb-8e21-ed14914cfb97&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=8391688946624495119 HTTP 302
https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F31342%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43eb-8e21-ed14914cfb97%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/4/31342?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=1b8efe92-5857-43eb-8e21-ed14914cfb97&bidder=amx_com&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=1b8efe92-5857-43eb-8e21-ed14914cfb97 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F31342%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43eb-8e21-ed14914cfb97%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/6/31342?us_privacy=1---&gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=1b8efe92-5857-43eb-8e21-ed14914cfb97&bidder=index_rtb&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=Z0UyUNHM41QAACZbAaT8.QAA%26632 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F7%252F31342%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D1b8efe92-5857-43eb-8e21-ed14914cfb97%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2523PMUID HTTP 302
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:220823cb-26e4-4ab6-a01e-a152928b5b27&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 148

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Request Chain 149

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?gdpr=0&gdpr_consent=&ccpa=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D HTTP 302
https://cm.mgid.com/m?cdsp=675043&c=e2232524-8ac5-4049-bda1-3c22518ae450

Request Chain 150

https://ps.eyeota.net/match?bid=dn2m51u&uid=oapv16dr7Fsi&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=oapv16dr7Fsi&gdpr=0&gdpr_consent=

Request Chain 151

https://match.360yield.com/match?external_user_id=oapv16dr7Fsi&publisher_dsp_id=489&dsp_callback=1&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834124%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=oapv16dr7Fsi&publisher_dsp_id=489&dsp_callback=1&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834124%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=834124&c=93f5ca43-afec-4a57-8008-46a66bf12883

Request Chain 152

https://b1sync.zemanta.com/usersync/mgid/?puid=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D HTTP 302
https://b1sync.zemanta.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&puid=oapv16dr7Fsi&s=2&us_privacy= HTTP 302
https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0

Request Chain 153

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=8b67b9cb-2762-43ab-a72b-b1c5fcac187f

Request Chain 154

https://id.rlcdn.com/712056.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCNDklLoGEgUI6AcQAEIASgA

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=b2FwdjE2ZHI3RnNp&muidn=oapv16dr7Fsi&gdpr=0&gdpr_consent= HTTP 302
https://cm.mgid.com/google?muidn=oapv16dr7Fsi&gdpr=0&gdpr_consent=&google_ula={guid},5&google_gid=CAESEC_TtCj0gOCclFXU_IjVaHg&google_cver=1

Request Chain 156

https://cm.rtbsystem.com/mgid?c=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D HTTP 302
https://cm.mgid.com/m?cdsp=556372&c=f0a52311-0e9d-51e6-ae2a-fee3791a4600

Request Chain 157

https://ib.adnxs.com/getuid?https://cm.mgid.com/m?cdsp=834104&c=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834104%26c%3D%24UID HTTP 302
https://cm.mgid.com/m?cdsp=834104&c=1500711789250769632

Request Chain 158

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834148%26c%3D%5BUID%5D HTTP 302
https://cm.mgid.com/m?cdsp=834148&c=540c95b9-0e11-40fe-b821-13753e9c6537

Request Chain 160

https://idsync.rlcdn.com/712107.gif?partner_uid=oapv16dr7Fsi& HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=e2746ab8762c9de43f06b5859e3ec37cdca2da27a9bd79bc11a96374f3f2de75791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e2746ab8762c9de43f06b5859e3ec37cdca2da27a9bd79bc11a96374f3f2de75791426b5417dce21&rand=01725419 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e2746ab8762c9de43f06b5859e3ec37cdca2da27a9bd79bc11a96374f3f2de75791426b5417dce21&rand=01725419&expected_cookie=fce06dc9-6cc2-4bf9-bddc-f47b299806bf

Request Chain 161

https://ssbsync.smartadserver.com/api/sync?callerId=155&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834126%26c%3D%5Bsas_sync_pid%5D%26nwid%3D4577 HTTP 302
https://cm.mgid.com/m?cdsp=834126&c=2245899362504471552&nwid=4577

Request Chain 162

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=93f5ca43-afec-4a57-8008-46a66bf12883

Request Chain 163

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4758%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43eb-8e21-ed14914cfb97%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 307
https://prebid.a-mo.net/cchain/1/4758?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=1b8efe92-5857-43eb-8e21-ed14914cfb97&bidder=sovrn&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=Jup0ALZH0Gb3m-OAT4md179- HTTP 302
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F4758%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43eb-8e21-ed14914cfb97%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID

Request Chain 164

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID HTTP 307
https://cm.mgid.com/m?cdsp=709070&c=Jup0ALZH0Gb3m-OAT4md179-

Request Chain 165

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https://cm.mgid.com/m?cdsp=834139&c=[PDID] HTTP 302
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https://cm.mgid.com/m?cdsp=834139&c=[PDID]&rd=1 HTTP 302
https://cm.mgid.com/m?cdsp=834139

Request Chain 166

https://visitor-mgid.omnitagjs.com/visitor/bsync?uid=98ca793505bd269c5f409678d39eb6e5&name=mgid&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834135%26c%3D%5BBUYER_ID%5D HTTP 307
https://cm.mgid.com/m?cdsp=834135&c=96f838ba2c3f425b1aea8ee79a929607

Request Chain 175

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 176

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1732588112697-172027211197-000826-013-005183%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=22&key=93f5ca43-afec-4a57-8008-46a66bf12883

Request Chain 178

https://creativecdn.com/cm-notify?pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---

Request Chain 179

https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1732588112697-172027211197-000826-013-005183%26biddername%3D18%26key%3D%24UID HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=18&key=Jup0ALZH0Gb3m-OAT4md179-

Request Chain 189

https://id5-sync.com/i/231/8.gif?o=api&id5id=ID5*JYTKmRqyOa9fKUlOF7ZRBxmO5wsnsnEXW4wM_lCyit7cozvvj9KFrhLmbcAJnpuq&gdpr_consent=undefined&gdpr=false HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ea54WlfGAh_MtuNXU66qWWsYpmdXjrobafNTEFd1cw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F231%2F124%2F7%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/231/124/7/2.gif?puid=93f5ca43-afec-4a57-8008-46a66bf12883&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://id5-sync.com/k/155.gif?puid=AAFt907OimUAABaXZBUGEg&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/231/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/2/5/4.gif?puid=8391688946624495119&gdpr=0&gdpr_consent= HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F796%2F4%2F5.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/796/4/5.gif?puid=5907ecb9-5a4f-4f7a-9ba5-c291d31f4678&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F441%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/441/3/6.gif?puid=u_4be40cfc-7c1b-47b0-8375-d58a07b00c99&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F434%2F2%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/231/434/2/7.gif?puid=540c95b9-0e11-40fe-b821-13753e9c6537&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=0c0c5e41-daa5-4c18-a64a-06059b5de795&ttl=%%TTL%% HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/108/0/9.gif?puid=e8e56291-e341-4713-96d2-485ad3f05657&gdpr=0&gdpr_consent=

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=OTNmNWNhNDMtYWZlYy00YTU3LTgwMDgtNDZhNjZiZjEyODgz&dsp_callback=0 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEBjwx7lLbSf85hGXMv7CHRo&google_cver=1

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=k_XKQ6_sSleACEama_Eogw&google_cm&dsp_callback=0&publisher_dsp_id=340 HTTP 302
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBcizSjMPhlZ2GlsVpuBhRA&google_cver=1

Request Chain 193

https://ib.adnxs.com/getuid?https://na-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40 HTTP 302
https://na-ice.360yield.com/match?dsp_callback=0&external_user_id=8391688946624495119&publisher_dsp_id=40

Request Chain 195

https://id5-sync.com/match?publisher_user_id=93f5ca43-afec-4a57-8008-46a66bf12883&publisher_dsp_id=313&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/match HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://id5-sync.com/k/155.gif?puid=AAFt907OimUAABaXZBUGEg&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F203%2F5%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/231/203/5/4.gif?puid=ce0aa8b1-5335-422c-8006-a3027d41349c&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/231/429/4/5.gif?puid=B7128D15-F2CE-4044-9242-19350E4E558C&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/231/434/3/6.gif?puid=540c95b9-0e11-40fe-b821-13753e9c6537&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F441%2F2%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/441/2/7.gif?puid=u_4be40cfc-7c1b-47b0-8375-d58a07b00c99&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=0c0c5e41-daa5-4c18-a64a-06059b5de795&ttl=%%TTL%% HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/108/0/9.gif?puid=e8e56291-e341-4713-96d2-485ad3f05657&gdpr=0&gdpr_consent=

242 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

https://m.beforeitsnews.com/
http://beforeitsnews.com/
https://beforeitsnews.com/

86 KB
19 KB

202ms
189ms

Document
text/html

172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

481798ea6ee2a7538ed4d90e252b7c96d343f58152171bf0e62ff9905b01b112

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin: *
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8e86720358c544db-ATL
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 02:28:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCJ8Nt0LdHkf6BkjArP7qyCj79AoAhVM9Yn2SxvnfMEDbMzOFqqBikS9hmRHrdAiKwaloB98K4Go48u3%2Fez4fVEUcd60nQ25eyUV2MURbclzIDtJ%2Fa87D91udOuKla6o%2FJpXzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=45954&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5299&recv_bytes=4969&delivery_rate=415&cwnd=12000&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=427&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://beforeitsnews.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 220ms
83ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99def5790683cb1e6597f1035612c9e15ae95a91788544521fa43e78dd54d7b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 02:28:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 26 Nov 2024 02:28:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 global-bin-rev-202409012.css
beforeitsnews.com/static/css-v3/ 17 KB
5 KB 78ms
77ms Stylesheet
text/css 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2fdedda9fb4d1af92f1219b6a6e709ebe9663b3a38a15ce6c0bb0f3394df22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fdf-42a5"
age: 1801119
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dSxZedQ05G9BlZvN3I54gLbDCS1jCP77FfehGo6fMBTBPgtlvKOh%2B8ETV4qWUDMiOtl6FKcyQ%2B%2BNp5Hk80ypX8%2FFHGOnGKZCV5S%2Fq2c%2BJk8EB%2Bc0sBi66McOUQbF1nRum7M0Og%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 09 Nov 2024 10:22:55 GMT
cf-polished: origSize=17061
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=506&x=1", cfHdrFlush;dur=9
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: text/css
last-modified: Sun, 01 Sep 2024 10:20:15 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a8644db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 fancybox-bin-rev-202409012.css
beforeitsnews.com/static/css-v3/ 8 KB
3 KB 97ms
95ms Stylesheet
text/css 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-202409012.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fdf-1f5d"
age: 1779717
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ID%2F1%2FngR0wbgQUosqfZRMpMMNsPHwktLStIIa%2B9SBlzQM6zi6zfCESnPy4sk9iXKZKgYHy0yj%2F3%2BIfJy0mEkE5z7XJMPtskaNcZL6HVALwBdqbFRfidQVOCHsxH%2BNg8zOyLttg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 09 Nov 2024 10:23:01 GMT
cf-polished: origSize=8029
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=499&x=1", cfHdrFlush;dur=34
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: text/css
last-modified: Sun, 01 Sep 2024 10:20:15 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a8944db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 home-bin-rev-202409012.css
beforeitsnews.com/static/css-v3/ 29 KB
8 KB 57ms
55ms Stylesheet
text/css 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-202409012.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fdf-72aa"
age: 650715
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5cRnrAnaBhq5JEVJ29M3iSpnGxeAr1AfvQFGvlYQnyXWhLaUf%2B6AMSJ4BT%2BvHgeormmBC5wEUBAJaPUSGN8C56SKcEaVVBgcfS7GawnjzG9WN6gnMcTiApm6ZzbUvEu1tGcFFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 09 Nov 2024 11:29:24 GMT
cf-polished: origSize=29354
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=37&recv=30&lost=0&retrans=0&sent_bytes=25535&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=495&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: text/css
last-modified: Sun, 01 Sep 2024 10:20:15 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a8e44db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 responsive-bin-rev-202409012.css
beforeitsnews.com/static/css-v3/ 21 KB
5 KB 97ms
95ms Stylesheet
text/css 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-202409012.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ed516e8f20daec04aca95d7cb155247377f09aa2e5115a4a83439c67b54648

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66d43fdf-520c"
age: 1526053
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIXEDZDZrM%2BjiBnnViP2bv1S8qsrRiMpfZlJxnoOjtKGQrTK4ktQtiBfVsZwLaEqggBRsEtg4GItmVw0RWZFF88yoQrl3hmrsgrGK28xrr2O%2BQx5GfkBW9ASvWEpgwBUEzgE7w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Thu, 14 Nov 2024 11:24:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=496&x=1", cfHdrFlush;dur=37
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: text/css
last-modified: Sun, 01 Sep 2024 10:20:15 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9044db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 web-responsive-bin-rev-202409012.css
beforeitsnews.com/static/css-v3/ 371 B
1 KB 100ms
98ms Stylesheet
text/css 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-202409012.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fdf-173"
age: 1775174
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6m8o89DC7uY88l%2BMeMLD75VqRr%2FNvrlf3qx1wWbpoB6P3ZiV89LQ3IIC5rC7JNgZTNWnvK64iqtITyfAbfPTP6Plvxp6QXOMYP2%2BOaA4zv4ABPGYF8APwcPb7y7gS%2Fg6P6XrXA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 09 Nov 2024 10:22:03 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=498&x=1", cfHdrFlush;dur=35
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: text/css
last-modified: Sun, 01 Sep 2024 10:20:15 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9244db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jquery-1.8.3.min.js Show response
beforeitsnews.com/static/js-v3/ 91 KB
39 KB 99ms
98ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65f58055-16dc4"
age: 572140
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dVVUxGF%2F%2FgvUahUR4nCDrfatHeBnKhCfas%2Bi7FO7oF0rIwiF7eZIEGU00HsdNM58MYLs2lsEPK4W7NF1ZiJDseSbl%2BMTY%2FLi%2B23yhhdgd%2FHhhiKKvYD3wQAZ63igVHi2%2FC4%2FJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Fri, 22 Nov 2024 00:40:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=498&x=1", cfHdrFlush;dur=35
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sat, 16 Mar 2024 11:19:49 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9444db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jquery.fancybox-1.3.4.pack.js Show response
beforeitsnews.com/static/js-v3/ 15 KB
7 KB 102ms
100ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery.fancybox-1.3.4.pack.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65f58055-3d08"
age: 650919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEeI%2FtqN9%2F9IV8HEeqsC9ALByLVuau5Xv3VrZTbfZt%2BdxTya6WZ%2Ff%2BIfmIerryZS6r80w4OECLYd4VSlcrSuadTWrrhQlPBAq1T7un4zJq4OkIPImvCP7T0ZWflpq1Cc8uzf2g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 13 Nov 2024 14:18:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=498&x=1", cfHdrFlush;dur=35
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sat, 16 Mar 2024 11:19:49 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9544db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 mobiledetect.js Show response
beforeitsnews.com/static/js-v3/ 37 KB
17 KB 164ms
163ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/mobiledetect.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc913cda5e84f3886936b3e1eacb5c134a8c946adf01c6dbffe42ed57b57d566

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"65f49ada-92e9"
age: 1694809
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsswmV4a88S120bBfVaP2wreq06AFEUoT6hGBLnrX0vlhLB%2B%2B999WAZx61alTcHN35BWSLPNXa4w18TNkMDDx5AiEhAhl3VRIAw9obXS4QiPF6Rs8fSeqJ1nv3hmW4Yj1erWOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 09 Nov 2024 17:05:18 GMT
cf-polished: origSize=37609
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=498&x=1", cfHdrFlush;dur=35
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 19:00:42 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9644db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 node-uuid.js Show response
beforeitsnews.com/static/js-v3/ 3 KB
2 KB 184ms
182ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/node-uuid.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0350f6d6fc2942181daf38ad8263cbe9d79b2386b8c31ef1c1c17a57b48bd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65f58055-a10"
age: 1684479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAPRclFbKclji8T7MQuicPzGE%2F1PH7j1keAlM4uKwhg2BUkwUhrb%2FSxgrbhEvskIZwYkkL%2BNP4zt%2Fvb6q3tmlzfl93t%2BXkVcT3uiHtPEvK%2BN%2FlZSS2QWJjI%2B%2FgZvpZt4%2BSDCXA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 12 Nov 2024 12:31:41 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=500&x=1", cfHdrFlush;dur=39
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sat, 16 Mar 2024 11:19:49 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9744db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 global-bin-rev-202409012.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
6 KB 185ms
184ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-202409012.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61145a610771746ee51df17b3f833b1ecb7943ec6c54911dc32b7c21d522d582

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66d43faf-360e"
age: 1516637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bUT91ipPre09Tl006X4yjyJzovz65%2FvD3nNoPNgWucnuPAa9681MuSsVbqpjIZIyKyebocpzskeSU8K1I7TA1Qo8DYg1thaOAILZ7XZ7WkYiV3jpfGi6DejqOgJw6P9m%2FKsKzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 13 Nov 2024 12:54:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=499&x=1", cfHdrFlush;dur=40
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sun, 01 Sep 2024 10:19:27 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9944db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 310742.js Show response
jsc.mgid.com/site/ 946 KB
215 KB 103ms
52ms Script
text/javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/site/310742.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

420d0d717f6749dbba330b6a933b9bc39046dc8015230657956d7b09d034323d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-robots-tag: noindex
access-control-expose-headers: X-cntry
content-encoding: gzip
cf-cache-status: HIT
etag: "97a48c71a566b9879b9a919deab18561"
x-amz-version-id: 1afsQw7ftNs3EHTT7no5fvQkVU14_200
age: 2550
expires: Tue, 26 Nov 2024 05:28:29 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: text/javascript
last-modified: Fri, 22 Nov 2024 09:31:18 GMT
vary: Accept-Encoding
x-amz-id-2: HG/tKR9fWqt7fIMeNbq9xcChPu14nl6jLRwqFo+cNiUDB8GJmaG2PT9LJblxgGQ3kCuRi8svn/8=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=10800
x-cntry: US
x-amz-request-id: KWY0BJPCP6S2QPJR
cf-ray: 8e8672064b6d6db0-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219401
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
3 KB 185ms
184ms Image
image/png 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca601ccb4b804e78f547d0451200b8cf3f9ac3a88b11ff0fff17b1432226915

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-8ab"
age: 1690194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdXRdb3t89XErP0hiGkTjSL%2B8tG8ccJDy%2Bnf0%2B0rrroswZ5m3QmttNCoZG0Skx988CjLALZek1CsOrvdL91%2FdMMFZox0qLyaPrBmCdm4pfz0OJk5u7NYoK7Cm7KxIukdZYV0Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 14 Oct 2025 18:41:58 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=514&x=1", cfHdrFlush;dur=25
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/png
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9a44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2219
server: cloudflare

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 13 KB
5 KB 322ms
173ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 186bcc05f5b870b7654a13f0263704082b3fbbce560aed44cdcb1b948cc1a081

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cdn-status: 200
access-control-max-age: 3000
content-encoding: br
etag: "6680cd1b6251560dd16b72be492888c7"
access-control-allow-methods: GET
date: Tue, 26 Nov 2024 02:28:29 GMT
last-modified: Mon, 25 Nov 2024 18:12:21 GMT
content-type: text/javascript
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: 0lGXoj6tUUty41SRFq+UPFxd7EfUXSJtRzpS2OmBgMmjtB6hKMlp4WM6EZtknY/91o7YiJ4EuBE=
cdn-requestpullcode: 200
cdn-cachedat: 11/25/2024 20:06:36
cache-control: public, max-age=300
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
cdn-requestid: caf71318254c9d3eef994ee1458bf6e9
cdn-pullzone: 1837468
cdn-proxyver: 1.06
x-amz-request-id: TD0FRNFJCX5S3CKT
access-control-allow-origin: *
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H3 200 loading.gif
beforeitsnews.com/img/v3/ 37 KB
38 KB 184ms
183ms Image
image/gif 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

354d5352d22dea06f2e3cf1add1b456f8a1ca5b4d0a6b36ee859ac606d2c90eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-95e7"
age: 363691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwUpsX5RdnwNGoeymmJQlTTNV5Of3ak5RK2o43ceC9FNpSESzV3OqUGsWjlP3qywNnXqczkUzUMNrJLEHQtQNxSNRpkLh0afWPfWdBsJAmNZ74BKlNZw4PsljcSo%2Bq7iFAao8A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Fri, 14 Nov 2025 17:36:04 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=501&x=1", cfHdrFlush;dur=38
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/gif
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9c44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38375
server: cloudflare

GET
H3 200 ads.png
beforeitsnews.com/img/v3/ 95 B
967 B 73ms
70ms Image
image/png 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-5f"
age: 2046960
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxdYCLKVlPwxuDcfL20N9cZ1tzygVCRSZ8E9kpb5wDtuf2rcwU9nlkiBr6feaWtAMIw3YQ8qICqdAhfdHPPb01LIuo%2FhRIMCHLk4sjRDd37csJ5aNiwfRLnCs1j1VvBhsmEFfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 14 Oct 2025 19:49:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45752&sent=180&recv=89&lost=0&retrans=0&sent_bytes=172978&recv_bytes=15639&delivery_rate=1123929&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=739&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/png
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d4c44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 95
server: cloudflare

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/lemB3dGn5O4/ 10 KB
11 KB 215ms
67ms Image
image/jpeg 2607:f8b0:4006:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/lemB3dGn5O4/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6364520466e6700dbc53bcfe1e90267bab51f9ee55fa0afa5985106b9a787f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

etag: "0"
age: 5864
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 02:50:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 00:50:45 GMT
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10675
x-xss-protection: 0
server: sffe

GET
H3 200 loading.gif
beforeitsnews.com/images/misc/ 2 KB
3 KB 68ms
64ms Image
image/gif 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/images/misc/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25a0be082d625832631400bfb4541a565d989ca1d86809c640412bfc9a224c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-698"
age: 2055099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQyraws6we6pFgTW9f5bGLX%2FRBUCRZvDPI%2FlWZqj0GZ8PuORAasRHmeUxnTfjCh5q3KqEYDIJkyxeGj34%2BrvixjqkmmhYk8Pli9PAYGm%2B71HpNyDjvgAPphuY%2FRirxxHB4FVqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 14 Oct 2025 17:29:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45752&sent=172&recv=89&lost=0&retrans=0&sent_bytes=166380&recv_bytes=15639&delivery_rate=1123929&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=737&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/gif
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d5144db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1688
server: cloudflare

GET
H3 200 tabs-bin-rev-202409012.js Show response
beforeitsnews.com/static/js-v3/ 148 B
1 KB 61ms
60ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-202409012.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fbc-bd"
age: 2075731
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ggjn1yldmKgOfG8KiaiihlN4r%2FQ9jd2TDE7lLpKyTt7nQjdx%2F9l6gmO3J%2F7dQqQ%2FkJeQ%2Bh8xttQBcZG8mAU4dkKyyXz9nrLLYLmOq0DfMBXxyv9M1zkfDPuIlEI0H2WB9FErcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 09 Oct 2024 10:22:04 GMT
cf-polished: origSize=189
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46059&sent=168&recv=76&lost=0&retrans=0&sent_bytes=165235&recv_bytes=11519&delivery_rate=1264506&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=686&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sun, 01 Sep 2024 10:19:40 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e867205cca944db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jsFunctionLoading-bin-rev-202409012.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 71ms
68ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsFunctionLoading-bin-rev-202409012.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3fad07c65f775731f7946c16d84f3b1df007e26dbaf658753522c4fd301a078

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fbb-1984"
age: 2045128
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QslC6%2BrTu%2Bf5%2B7AcyFZ%2FNbIzl8HDpIP%2F3SsV042%2BOhZVzYtjZZTtPi2bzhIU%2F2N0kATL5IAIilw9FHR6LKD3Z9kdQCKSTCRzNdcQ7FM5gQOFK1Rn0vT26W4opFIXPI3Ct972Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 09 Nov 2024 10:22:05 GMT
cf-polished: origSize=6532
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45752&sent=187&recv=89&lost=0&retrans=0&sent_bytes=180061&recv_bytes=15639&delivery_rate=1123929&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=740&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sun, 01 Sep 2024 10:19:39 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d5244db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jsDynamic-bin-rev-202409012.js Show response
beforeitsnews.com/static/js-v3/ 4 KB
2 KB 68ms
65ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-202409012.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

834a3eda9a652fceb913541a280672d0fba0a906e4f4d15043bdd50e838d0dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fbb-1131"
age: 965191
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZcKEXZCGDziM4emLG4TLsLyng52Aju%2FzZ%2Fnnqg6yGN3FeLBBtepv%2BVDug8968qc%2BP1OTQzaPABDVNgAWPRtEz4jy23EVfE%2Fyc9FimSSc7%2FnGGLghrIJDXUNXVVZMlA%2FRK5SSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 09 Nov 2024 10:22:05 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45752&sent=175&recv=89&lost=0&retrans=0&sent_bytes=169025&recv_bytes=15639&delivery_rate=1123929&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=738&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sun, 01 Sep 2024 10:19:39 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d5644db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 responsive-bin-rev-202409012.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
2 KB 73ms
70ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-202409012.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a6fd2260a8310e8d7c7eef4d1d8958148c83b089a2d8fbe4114a39e4c3bd830

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66d43fbb-6c0"
age: 1444925
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1pKgnhr%2F8WFX2SKfXEw3d8GEEE7iI%2FzlaIuZ%2Fz1agjT03Jep58uHcqfnH73QpyhYwA5nqlO2mU%2FpR3k0kXat%2BXYor0slBt4KML77qu15oFDfrMvzX6jsXw2TIIRJY4zYwyfhKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 05 Nov 2024 06:47:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45752&sent=185&recv=89&lost=0&retrans=0&sent_bytes=178372&recv_bytes=15639&delivery_rate=1123929&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=740&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sun, 01 Sep 2024 10:19:39 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d5844db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 validate-bin-rev-202409012.js Show response
beforeitsnews.com/static/js-v3/ 7 KB
3 KB 76ms
73ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-202409012.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fbc-1a18"
age: 2061483
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2BQO9CZcq67AyEGVPhGEqXHy%2F1iY8v8%2BLDtGEm7%2FWGanfLSaNKUdBGtDB1yMhMR53uxHBqrZvOYYd9dq0ko6ikoVDTc%2BFEETDZYH2vDFTNRYezMpWhW5VsZYNnaYi%2BZE0R5zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Mon, 28 Oct 2024 17:58:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46947&sent=229&recv=90&lost=0&retrans=0&sent_bytes=228265&recv_bytes=15684&delivery_rate=141419&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=745&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sun, 01 Sep 2024 10:19:40 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d5944db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 loadmore-bin-rev-202409012.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 72ms
69ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-202409012.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fbb-3999"
age: 1862096
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSKUF1I2gSKWZLMDQ6NbTjvCm0eBJ%2BKH3calcdAm7utc4mmFPBR5Us9w%2BhWphdQsnNjxO6IQOmY7MvA4Zopk%2BkZUyLPOI0OaMyd57x5Db9j9j74COaPJgH7TZbELa4l5QWFqUw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 30 Oct 2024 19:08:25 GMT
cf-polished: origSize=14745
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45752&sent=181&recv=89&lost=0&retrans=0&sent_bytes=173968&recv_bytes=15639&delivery_rate=1123929&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=739&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sun, 01 Sep 2024 10:19:39 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d5b44db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 lazy-loading-bin-rev-202409012.js Show response
beforeitsnews.com/static/js-v3/ 124 B
1 KB 72ms
69ms Script
application/javascript 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-202409012.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-bgj: minify
etag: W/"66d43fbb-ad"
age: 797911
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHm5GBaQ5ZRhEF%2FZgliG3xcO7U1D1kkEUa27Vaahc2veNfEA36eTKDCc9p%2FPsYPzhP5lqzMxGRH%2FTRquNyhJsI5iLppA0sVOGUjPSmMszRDXGekCN9YsD83TBgE9YgQwY6BvPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Fri, 22 Nov 2024 00:45:03 GMT
cf-polished: origSize=173
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45752&sent=184&recv=89&lost=0&retrans=0&sent_bytes=177316&recv_bytes=15639&delivery_rate=1123929&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=739&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: application/javascript
last-modified: Sun, 01 Sep 2024 10:19:39 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d5c44db-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 12098 Show response
nerangee.com/easylist/ 14 KB
6 KB 265ms
168ms Script
text/javascript 2606:4700:3030::6815:3f99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nerangee.com/easylist/12098
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3f99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 240aa53b9fa78467d57c2da5510d1412a2d2b3381dc5f418ef522eb705af705b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
pragma: no-cache
etag: W/"75c510cdcba76ac99396dbf830498ff881e86687"
x-tornado: yes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJjHB%2FKNezTurDfiag%2BYnJV48rTl0M72VFQauiv16aN1OpZpgBpWftfWsbJKsSfWSOI4OZMg8uv%2FrBF5BjdKFrI9rmC%2B5uSI1wrQKKd%2B6K35WGqgGX561zeTn8tXWzqypbw4FHk0%2B%2BJd0PI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e867206ab3fa65f-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=31504&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3990&recv_bytes=2165&delivery_rate=122316&cwnd=254&unsent_bytes=0&cid=227323dcbfbfcaba&ts=181&x=0"
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: text/javascript; charset=utf-8
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
989 B 215ms
89ms Script
text/javascript 142.251.41.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f4.1e100.net

Software

ESF /

Resource Hash

7924456b168de71bd95c60c12ca6ce33da0d399f2dc423a24b026420fe7f321c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 02:28:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 26 Nov 2024 02:28:29 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 84 KB
29 KB 259ms
97ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bef7eae7b6ba7742cc488dca22144fd360127adee720169586b4dd19a82f89b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:29 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 7 KB
4 KB 239ms
64ms Script
application/javascript 2600:9000:2479:c600:18:9413:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2479:c600:18:9413:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 409acd596f57dab69119e634d7c2ac5fc7f6ca056a372631f1f24196ae8b7d4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"1d5c-1935aea681f"
age: 64117
via: 1.1 google, 1.1 cbc24fc015944f60fff0a495ec6d86c0.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
x-amz-cf-id: JVN5YlE9sLTzd0TCxxxkj9Q4Xvr5lyZ8cPUo499slZ_uIAkr0A8wCw==
date: Mon, 25 Nov 2024 08:39:52 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 23 Nov 2024 21:25:31 GMT
vary: Accept-Encoding
x-amz-cf-pop: IAD61-P3

GET
H3 200 top-bg.png
beforeitsnews.com/img/v3/ 164 B
1 KB 72ms
72ms Image
image/png 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

440292eb71e786da59d255d6ff27e9594fb838f1de59004822ab745d50521dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-a4"
age: 1409043
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJg9rwrgr2l6PBNqxtkDBcozwEZaeYH%2FIPrDoRhVBizvPimQxZ48K30CGGmiIMTlOFq8gixVSU%2B6%2FiloSlucLh930lJXBlNY5VmFk4ny5wi%2F%2FRHr2kf8zlgcdRdgTqYhgPk7Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 14 Oct 2025 16:34:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46947&sent=228&recv=90&lost=0&retrans=0&sent_bytes=227198&recv_bytes=15684&delivery_rate=141419&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=742&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/png
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d5e44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 164
server: cloudflare

GET
H3 200 search.png
beforeitsnews.com/img/b4in/ 805 B
2 KB 61ms
61ms Image
image/png 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dd216584b4c5dbdf5c16f8a6d4982c6bcb7d9306ea0476e1e4aad0f2935422a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-325"
age: 650600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OseLShFSL4WVnSmv4f0MiVuqsEHJeIP45OdFncbt5LMLEvFtmQxCq%2F%2BsuHtov7mWJz6DlbPo74nAWD8Q6%2BqPN0ia9kiDVVHHa83xjECQKGwEw8gjB8BaDqBpGf1XuO8KJTm5AA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Fri, 14 Nov 2025 16:34:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45752&sent=178&recv=89&lost=0&retrans=0&sent_bytes=171247&recv_bytes=15639&delivery_rate=1123929&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=738&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/png
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672061d6444db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 805
server: cloudflare

GET
H3 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
16 KB 69ms
69ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-3be6"
age: 19274
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4CMYH4Hn4nP6CSfoJcYlc0AnETPE8Fwf4MQdzpj8cMAUjnEJV3tLWahKjC2pcgN5utiZ9seEDLuKPDLr%2BjOxAmZUK4iWYMNfiTxpsn2LcywNldyGiUEx4P2pWjLhVKtBNL6kxw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Mon, 10 Nov 2025 13:38:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46947&sent=232&recv=90&lost=0&retrans=0&sent_bytes=231136&recv_bytes=15684&delivery_rate=141419&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=748&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672062d6b44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15334
server: cloudflare

GET
H3 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
43 KB 65ms
65ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-a834"
age: 456555
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0uOLD9nDgCjmedYT%2B4Gux3776c%2FQBPGXWVEiVotrERikalYCoYRyw%2B6q2HLfsvyjJS2%2B8tgGrVXYl1btWhPaWZrKiCcYu0xu0qJN1nO10dJp1c%2Bn7brBbe69dEGRUbWP41LBg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Fri, 14 Nov 2025 19:51:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45752&sent=190&recv=89&lost=0&retrans=0&sent_bytes=182255&recv_bytes=15639&delivery_rate=1123929&cwnd=68400&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=741&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672062d6e44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43060
server: cloudflare

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
12 KB 135ms
63ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/

Response headers

age: 322640
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 08:51:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 08:51:09 GMT
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12648
x-xss-protection: 0
server: sffe

GET
H3 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v15/ 15 KB
15 KB 131ms
60ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v15/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

7163309e87661ef555f48a66e16ff192ae874b82a1c95138bd33a3b573d461e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/

Response headers

age: 311103
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 12:03:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 12:03:26 GMT
last-modified: Tue, 02 May 2023 17:00:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15360
x-xss-protection: 0
server: sffe

GET
H3 200 Who%20DIED%20Today%20-%20The%20Executed%20for%20TREASON.jpg
beforeitsnews.com/contributor/upload/974754/images/ 58 KB
59 KB 58ms
56ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/974754/images/Who%20DIED%20Today%20-%20The%20Executed%20for%20TREASON.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

346d0ea3e86550adae9776f14e4e3fba945d8d7896b2de2909791c8c74a479ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "67448969-e93f"
age: 43093
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJngXGCTKX8Ax91NVtZS45rcVDmdoG0M900anuyrYxikjPTOR%2FDl84qrQps%2FA15qk%2BOz5PKeNnlkR4yZapAwIMv%2BdnzDXGbZtaWPmQgNnb3kn%2BfjPodwCQ%2BI6txcogxWVzJdmg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 25 Nov 2025 14:27:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46855&sent=251&recv=106&lost=0&retrans=0&sent_bytes=247833&recv_bytes=22049&delivery_rate=212688&cwnd=84000&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=787&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 14:27:53 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672066ded44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 59711
server: cloudflare

GET
H3 200 Pascal%20Najadi%20BOMBSHELL%20-%20They%20were%20all%20Executed%20at%20GITMO!.jpg
beforeitsnews.com/contributor/upload/106013/images/ 37 KB
38 KB 72ms
69ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/Pascal%20Najadi%20BOMBSHELL%20-%20They%20were%20all%20Executed%20at%20GITMO!.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e4bf5894d6b8840701a8b20149499440afd9638012f82ec6e83a57925d8077b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "6744eae1-952c"
age: 18284
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rm1G9%2ByYqpo625Vu45%2Fn%2FSXqSNn1E0qJJhGkipA7%2FVrxZBubxQ%2FpLPF9Ns5DHnTTx%2FUveVJTvRMU%2F37C%2BJvqdfQ6kF0t1%2BrmyYNmQ%2FXbcs%2F2spBV023nawpkvh%2BHuBjl0gd%2BWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 25 Nov 2025 21:23:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=793&x=1", cfHdrFlush;dur=7
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 21:23:45 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067df244db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38188
server: cloudflare

GET
H3 200 jim_willie(1).jpg
beforeitsnews.com/contributor/upload/106013/images/ 30 KB
30 KB 102ms
98ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/jim_willie(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77596c4be570bd6d50a598da9330fd260618c5f96a9f21d8228e32764c4be03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "64f762e1-765f"
age: 11769
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sepFb%2F%2BY4TocUC8p7rs2Qg4eiDT2N29Dx7PXAhO%2BFGnFnVtZGGB%2BamCLw4f5H5BbaRceCMOqKiAmbIbSHKufgOlxV7MT5ZU0lS%2F20T2NcqA%2BdwI261Nf5R%2Fgnk0T2LmeKLTvuw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Thu, 13 Nov 2025 14:47:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=794&x=1", cfHdrFlush;dur=6
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 17:18:25 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067df744db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30303
server: cloudflare

GET
H3 200 imgpanda_premium_D8vgGB.jpg
beforeitsnews.com/contributor/upload/106013/images/ 41 KB
41 KB 62ms
56ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/imgpanda_premium_D8vgGB.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

019bc417ee2896bf035fd6ce6a0c927555d2d83cb56f25bb11ddc5549ace6f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "6744fe0b-a23a"
age: 13378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wYCW%2BX1K7rHV4YUDfVemy%2FPSTRZW3iUooSRreEBCntH6T%2FuuDYOJty2zmhsxWhhCzXmoo9JklmFYfNmRlLRP9T9VktMsdzDxS5PSBUzI7c8nTZYVWxOrD1cq0hOYPEQd4R9ZyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 25 Nov 2025 22:45:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=304&recv=110&lost=0&retrans=0&sent_bytes=309843&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=791&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 22:45:31 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067dff44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41530
server: cloudflare

GET
H3 200 And%20We%20Know%20(2).jpg
beforeitsnews.com/contributor/upload/106013/images/ 49 KB
50 KB 103ms
96ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/And%20We%20Know%20(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a08af57f388223766f1cc56e7b7c97f0cb9ca3abd0895f92c498dcd71bce4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "674510e7-c517"
age: 8550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6DbRqVWbJ9wEYdjEsSeHd4bAH2sRKgI5rWvo6u0POeGJijNjdidzA4BV25NcPukEbIA2NE%2BdA0WCyul1qKbs2PpIhPWHEHNtOVQ0gAmLJjN3%2F%2FdHywY87757rKok8qWfQt7qqw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 26 Nov 2025 00:05:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=793&x=1", cfHdrFlush;dur=38
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Tue, 26 Nov 2024 00:05:59 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e0844db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50455
server: cloudflare

GET
H2 200 glP4u.oq1b.2-small-Hillary-is-DEAD-They-Are-No.jpg
1a-1791.com/video/s8/1/g/l/P/4/ 25 KB
25 KB 158ms
79ms Image
image/jpeg 207.5.199.200
RUMBLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1a-1791.com/video/s8/1/g/l/P/4/glP4u.oq1b.2-small-Hillary-is-DEAD-They-Are-No.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.5.199.200 , Canada, ASN399647 (RUMBLE, US),

Reverse DNS

207-5-199-200.rumble.cloud

Software

Resource Hash

3306aba68ef83063e3fe13461b1236b9d0d1e72fa0858238ebdd48313dc330d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
cache-control: max-age=5184000
etag: "cd5c646ca39e78d5151fb4528743fc2a"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25648
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 14:55:11 GMT

GET
H3 200 imgpanda_premium_2ypxln.jpg
beforeitsnews.com/contributor/upload/106013/images/ 52 KB
53 KB 103ms
96ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/imgpanda_premium_2ypxln.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd690267153455a14b38549f8af9da7c197e8e8e021efe28041b2c9350ed03de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "6744f770-d188"
age: 15069
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXGoXv66seJiwKzAStVtNIMEyn2Zpx1jeLAzIAC2umIPQr%2F%2BLV2jfO1aguyhyd835nKAMajGX5q%2BuvTznJStxs0FJRKTTXl68hkpn6BZCbqEkEv412gXT%2BKfYp0jzxKp86oNsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 25 Nov 2025 22:17:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47525&sent=326&recv=112&lost=0&retrans=0&sent_bytes=335680&recv_bytes=22658&delivery_rate=1351544&cwnd=100800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=815&x=1", cfHdrFlush;dur=16
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 22:17:20 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e0b44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53640
server: cloudflare

GET
H3 200 maxresdefault%20(11)(3).jpg
beforeitsnews.com/contributor/upload/238306/images/ 59 KB
59 KB 105ms
97ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/238306/images/maxresdefault%20(11)(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32f068e51100198f6e72f2ec0bbb34e35044d485ee2dd1b5be2508035fcae251

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "6744aae5-ea57"
age: 34499
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyDBYTqf%2Bh0VbPoeyNvFAwQJQi2IccvynbsscfOB7LF46juWHhLxymNIOi6%2FJwl2sHoyyTEUH91HACRK5KmRHGHUESW5gKEdb4EDI0q4vz2bc0q5M6i7QC0nn6UKJvzz4PqcZA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 25 Nov 2025 16:50:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=794&x=1", cfHdrFlush;dur=37
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 16:50:45 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e0e44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 59991
server: cloudflare

GET
H2 200 Q3y4u.oq1b.2-small-SG-Anon-Emergency-Declare-N.jpg
1a-1791.com/video/s8/1/Q/3/y/4/ 63 KB
63 KB 157ms
80ms Image
image/jpeg 207.5.199.200
RUMBLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1a-1791.com/video/s8/1/Q/3/y/4/Q3y4u.oq1b.2-small-SG-Anon-Emergency-Declare-N.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.5.199.200 , Canada, ASN399647 (RUMBLE, US),

Reverse DNS

207-5-199-200.rumble.cloud

Software

Resource Hash

5897c27186a4289348a8fb767512005415df28238b2eca7546bb50f372699780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
cache-control: max-age=5184000
etag: "c2cc4139adb39f055b64ffef766a4239"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64569
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 11:40:38 GMT

GET
H2 200 9bjh0h.jpg
i.imgflip.com/ 78 KB
78 KB 203ms
85ms Image
image/jpeg 104.16.71.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/9bjh0h.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.71.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f1850091524210fd723c5152d221a58eef7afe2a6de42aadcc74acd7b70c61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "2e483045de0eabaa871b732c43ff3e1b"
age: 68891
cf-cache-status: HIT
expires: Fri, 24 Nov 2034 02:28:29 GMT
cf-polished: origSize=80240
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 07:14:24 GMT
vary: Accept-Encoding
cache-control: public, max-age=315360000
cf-ray: 8e8672071cd36daf-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79608
server: cloudflare

GET
H3 200 imgpanda_premium_e1TVg7.jpg
beforeitsnews.com/contributor/upload/106013/images/ 38 KB
39 KB 150ms
142ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/imgpanda_premium_e1TVg7.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21780069d1cee91747bc0305234c8d0209b20051fd5dd3dd81afac3184ae7de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "6745189c-97f4"
age: 6577
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTy%2F2KGolI%2FK3cIDvnDZpy30jze5FUoMtMbBz12cQHXvOTNQjo%2BMZRVPcY3jRr0brZMD%2Frwo4fEJST8m7saMqXs0NcwzckcS4fPgtZJVZjT%2FmOPef7jvhTjiI0ybrq2BBPf7FA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 26 Nov 2025 00:38:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=793&x=1", cfHdrFlush;dur=38
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Tue, 26 Nov 2024 00:38:52 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e0f44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38900
server: cloudflare

GET
H3 200 Mike%20King%20Major%20Q%20Intel%20Drop%20-%20What_s%20Coming%20Will%20Shock%20The%20World.jpg
beforeitsnews.com/contributor/upload/106013/images/ 33 KB
34 KB 151ms
143ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/Mike%20King%20Major%20Q%20Intel%20Drop%20-%20What_s%20Coming%20Will%20Shock%20The%20World.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ed7133ff0e9270400c925d672bbae25c0d4af7df9a28dce8795ed31022ba597

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "67451296-8544"
age: 8119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6B7AuJbfaRBQbtHWHWedjuUMJKHFFV4%2B0fA3YzKdrhnvPfuAnojJKgKmIKT69VpwAamEEuk7oXoiHg7i6493Vi3%2BNeKp6nVxc3rPY6D5juVkVwNpx%2FHIV9PhKuI5wT99wXSeWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 26 Nov 2025 00:13:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=796&x=1", cfHdrFlush;dur=36
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Tue, 26 Nov 2024 00:13:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e1044db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34116
server: cloudflare

GET
H2 200 yCJf36ZHTYy2GEBMHvWl4dog_320x180.jpg
static-3.bitchute.com/live/cover_images/d1urdmz7GL1P/ 14 KB
15 KB 275ms
116ms Image
image/jpeg 2400:52e0:1a00::941:1
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/d1urdmz7GL1P/yCJf36ZHTYy2GEBMHvWl4dog_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),

Reverse DNS

Software

BunnyCDN-IL1-941 /

Resource Hash

bd886319fdd01f7017bc221e0c81238513874fab0c9204a474c9710095baa4ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cdn-status: 200
etag: "f5a911d7c62ef2565e7f8c8c5435d786"
date: Tue, 26 Nov 2024 02:28:29 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 15:52:01 GMT
cdn-cachedat: 11/25/2024 15:55:54
cdn-cache: HIT
cdn-requestpullcode: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cdn-requestid: 3bf88328263e8632966ca0aa210f9f6e
cdn-pullzone: 89010
cdn-proxyver: 1.06
x-amz-request-id: tx00000000000000933a29e-0067449e0a-494bc369-nyc3a
accept-ranges: bytes
content-length: 14315
cdn-edgestorageid: 1068
server: BunnyCDN-IL1-941
cdn-requestcountrycode: US

GET
H2 200 kash-patel-fox-768x432.jpg
timothycharlesholmseth.com/wp-content/uploads/2024/11/ 43 KB
44 KB 115ms
33ms Image
image/jpeg 192.124.249.109
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timothycharlesholmseth.com/wp-content/uploads/2024/11/kash-patel-fox-768x432.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.109 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10109.sucuri.net

Software

nginx /

Resource Hash

731995c6ab1325b2cdb3156b7f0fcde708995a597b297b17bd653dee428b23d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
etag: "ad55-62760a1520828"
age: 644
x-content-type-options: nosniff, nosniff
x-cache-hit: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-cacheable: YES
x-cache: cached
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Wed, 20 Nov 2024 23:37:17 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-sucuri-id: 17009
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
cache-control: max-age=315360000
x-backend: varnish_ssl
accept-ranges: bytes
content-length: 44373
x-xss-protection: 1; mode=block, 1; mode=block
server: nginx
x-php-version: 7.4

GET
H3 200 joker-burning-money.jpg
beforeitsnews.com/contributor/upload/106013/images/ 31 KB
32 KB 151ms
144ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/joker-burning-money.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60d282aefb56b14a48336f0c7b5fd678f31625024977397d34542e25c2d8a448

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5ef7d293-7bb0"
age: 270754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MK4s5jUp2qIh1aMQPnKTj6zbpJ704Jm7x0Vx6a0ohnlxMQrxe7q%2F9McZ1hBmcM2U%2BL2E7j3PrDgZ1LHNlIWbTo9d9LHF2e%2B3rBCcE0iA3iKb2X1d2%2FSIiyQO5xy00H3C5rSPRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 22 Nov 2025 07:59:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=798&x=1", cfHdrFlush;dur=34
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Sat, 27 Jun 2020 23:13:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e1244db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31664
server: cloudflare

GET
H3 200 A_Redacted2.jpg
beforeitsnews.com/contributor/upload/428376/images/ 26 KB
27 KB 154ms
147ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/428376/images/A_Redacted2.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24c081c957e05e485d630de709d6dc8def7a807c49ee010247a5224718d18fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "6743b994-6988"
age: 96299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptAxC9k6x2ihur03oBWv5y4hv%2FB4noKSG1OSE9P47T7xwnajuMk7tGR4uLRFh7KH7qTd5O47SAGrPkLOu5ldROo%2B92RZBRJEog%2B0iByOPUtFu8nA%2FASgFw7vM1UVZ9PeGPmxKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Mon, 24 Nov 2025 23:41:22 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=799&x=1", cfHdrFlush;dur=33
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 23:41:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e1544db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27016
server: cloudflare

GET
H3 200 imgpanda_premium_a1oGEO.jpg
beforeitsnews.com/contributor/upload/106013/images/ 43 KB
43 KB 157ms
150ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/imgpanda_premium_a1oGEO.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

563be17210008f81c6818b9e0c921845950f1adad087b974c455f776d9ede863

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "6743ce0d-aa0d"
age: 91200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3%2BNo3fBqxm2w1nlkUkjk6hjKn4XbrAJNECyvyxKUvWoKbpG0c3gyn8sRTh8bVMRugS8TYS9eCJ0TIxJGxwnqQkxh75D5ETJkr74Ai2It%2BGxRCwpEdMDD%2BFnJH94BYtysx8spw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 25 Nov 2025 01:08:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=795&x=1", cfHdrFlush;dur=37
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 01:08:29 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e1744db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43533
server: cloudflare

GET
H2 200 9bjdj9.jpg
i.imgflip.com/ 86 KB
87 KB 191ms
86ms Image
image/jpeg 104.16.71.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/9bjdj9.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.71.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e73a4ed372600b7fdf9c1e5a2a069c7127c09758b471cb312382de18278129ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "53b0200c519cf0dbb893ac7bbd9da1ee"
age: 72547
cf-cache-status: HIT
expires: Fri, 24 Nov 2034 02:28:29 GMT
cf-polished: origSize=89620
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 06:16:53 GMT
vary: Accept-Encoding
cache-control: public, max-age=315360000
cf-ray: 8e8672071ccd6daf-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 88383
server: cloudflare

GET
H2 200 hXb2u.oq1b.1.jpg
1a-1791.com/video/s8/6/h/X/b/2/ 17 KB
17 KB 127ms
62ms Image
image/jpeg 207.5.199.200
RUMBLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1a-1791.com/video/s8/6/h/X/b/2/hXb2u.oq1b.1.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.5.199.200 , Canada, ASN399647 (RUMBLE, US),

Reverse DNS

207-5-199-200.rumble.cloud

Software

Resource Hash

f4c3ff806ceb05bf996817ab3bfd1bf3497403851cd4b116b1f6c0ae0bedde63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
cache-control: max-age=5184000
etag: "5e88b416f24d7b2b9b8ea5a655c22618"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17228
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 03:47:54 GMT

GET
H2 200 9bg4u4.jpg
i.imgflip.com/ 64 KB
65 KB 54ms
54ms Image
image/jpeg 104.16.71.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/9bg4u4.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.71.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 607c5b7a8d645727e413a0a622dc0d7ffd6b859f62ed401b8f4b66d18c301c22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "1b6e35c7e92043625b34eb9504a033ee"
age: 158778
cf-cache-status: HIT
expires: Fri, 24 Nov 2034 02:28:29 GMT
cf-polished: origSize=66299
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 06:20:24 GMT
vary: Accept-Encoding
cache-control: public, max-age=315360000
cf-ray: 8e8672071cd56daf-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65692
server: cloudflare

GET
H2 200 maxresdefault.jpg
img.youtube.com/vi/0ysh-LxzqgI/ 156 KB
156 KB 221ms
65ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/0ysh-LxzqgI/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efd8eea2b72a9271d1106d86dc9b44c3fa7bf4c5cddab3317adee45f9c09de19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

etag: "1732503376"
age: 133
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 02:31:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:26:17 GMT
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=300
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 159415
x-xss-protection: 0
server: sffe

GET
H3 200 imgpanda_premium_I8ndiV.jpg
beforeitsnews.com/contributor/upload/106013/images/ 34 KB
35 KB 161ms
155ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/imgpanda_premium_I8ndiV.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

751e79f2e164260d51dadea6f6fa5fd41e58b5b5b473ee2f982b275287390406

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "6740f3ac-8809"
age: 278177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liX%2FeqcrI4IeQSZj4NVCqOXgAaxI%2BKDXaHW%2BkWtnkne5E%2BGGFin6yPCctOswWNvhO4ZqR0h6MOni4GSQVtZRG0rZakrzbaNGLGASa%2F9BYhCP45Or8M3hmIWQ0LOnu58tHkUXZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 22 Nov 2025 21:12:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47525&sent=326&recv=112&lost=0&retrans=0&sent_bytes=335680&recv_bytes=22658&delivery_rate=1351544&cwnd=100800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=810&x=1", cfHdrFlush;dur=22
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 21:12:12 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e1944db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34825
server: cloudflare

GET
H2 200 9blyeb.jpg
i.imgflip.com/ 94 KB
94 KB 73ms
71ms Image
image/jpeg 104.16.71.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/9blyeb.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.71.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924e39a741acaac39cb98d2ec45d1902f798ba88051cb3a452b0bce81a50d96d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "dfd33851d23a3c4c56abab2a635d3d0b"
age: 24506
cf-cache-status: HIT
expires: Fri, 24 Nov 2034 02:28:30 GMT
cf-polished: origSize=96640
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 19:31:24 GMT
vary: Accept-Encoding
cache-control: public, max-age=315360000
cf-ray: 8e8672076d256daf-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96451
server: cloudflare

GET
H3 200 Dr_%20Jan%20Halper-Hayes%20Update%20Explosive%20Intel%20on%20Trump%20-%20Bring%20Them%20All%20Down.jpg
beforeitsnews.com/contributor/upload/974754/images/ 34 KB
35 KB 170ms
164ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/974754/images/Dr_%20Jan%20Halper-Hayes%20Update%20Explosive%20Intel%20on%20Trump%20-%20Bring%20Them%20All%20Down.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02100e72a94c97166a160feab0e6a8b7e8c3420f622e25e08f303d28a37a8b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "67451ab3-8755"
age: 5566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qeQpt9pBPot3SJK2Pljl6obYLztlBsmMOC%2BcA3BCHwynVvUevXarjWiAjdVikAme3VeY7ErH9whEVfTEs%2FV%2BLdML6Lc7FgmRXnCsfEtVlNQ2KNUcsdKlQXPjjXrveQF6QsW%2BeA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 26 Nov 2025 00:47:48 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=797&x=1", cfHdrFlush;dur=35
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Tue, 26 Nov 2024 00:47:47 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e1b44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34645
server: cloudflare

GET
H3 200 IMG_20241125_180345_(500_x_264_pixel).jpg
m.beforeitsnews.com/contributor/upload/916576/images/ 49 KB
50 KB 192ms
186ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.beforeitsnews.com/contributor/upload/916576/images/IMG_20241125_180345_(500_x_264_pixel).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2aa56e4c0d992ca5448fc06f166c6c2150eeb56e7b2f14605575c1060b4b54d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "67451fb6-c3f3"
age: 4704
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Db3fIso%2F%2B5R0gny3QgL9zwEk%2BPJBhZF8iIv3UdlnlT%2FltHHxVavAju0y8emVV9ad9X8BVVBZ7s5TVwE58v62yyhPp6VZ%2Buw3Usoc09QG7s7NePXNTdoDqvm0aZNFz%2FSfW6EjGey0"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 26 Nov 2025 01:09:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=799&x=1", cfHdrFlush;dur=33
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Tue, 26 Nov 2024 01:09:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e1c44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50163
server: cloudflare

GET
H3 200 0X22%20Report%20(3).jpg
beforeitsnews.com/contributor/upload/106013/images/ 53 KB
54 KB 196ms
191ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/contributor/upload/106013/images/0X22%20Report%20(3).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769ccc1bf237cb4a03502994879523b208234469667053d4cb343dd29fb89bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "674520a8-d4b4"
age: 4517
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HvVFgq%2B1U86mfIqBmuPiOGMYMQgI3IK36djsrw0JfDkTQRDBS4jzGXmsfTJ8BOg5SxNO3sVcfHLwsFe6pIyTKe5tXYBJALOKF1cLEJBCaZa78TNuKC6cKZ%2B0fTpp0mnG6pynbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 26 Nov 2025 01:13:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47326&sent=316&recv=110&lost=0&retrans=0&sent_bytes=324080&recv_bytes=22225&delivery_rate=1240891&cwnd=94800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=799&x=1", cfHdrFlush;dur=33
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Tue, 26 Nov 2024 01:13:12 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672067e1e44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54452
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
78 KB 227ms
80ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32b45539cb50bea36f1261b75231ab26bd90bc25ce1c4733b01be2ed3aa785c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 26 Nov 2024 02:28:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79070
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 3 KB
3 KB 180ms
180ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fea23fcfa5c62b0dea00665d0da4a425bd47776483ee77ac8037fe740e7d0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-202409012.css

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-a0e"
age: 1315025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CjA0ubIi0OYG16pntXRtlGojetsdENHErAEk2cDaO2RcVrjNZ7EBQA77u089Ie3c3Lldvkty5dajG6Hvp7Vj8798ZejE9eOM8Wg9HnEzmLqGRETLQof5PTqSejwm0Z5rbQGuPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Fri, 07 Nov 2025 03:44:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47525&sent=326&recv=112&lost=0&retrans=0&sent_bytes=335680&recv_bytes=22658&delivery_rate=1351544&cwnd=100800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=825&x=1", cfHdrFlush;dur=11
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/jpeg
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672069e3d44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2574
server: cloudflare

GET
H3 200 showing.php Show response
a1.beforeitsnews.com/dAjax/ 30 KB
7 KB 289ms
233ms XHR
text/html 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.beforeitsnews.com/dAjax/showing.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24e33e581a3352c9277f8ced01c7040dd558934a3c7d3f5d8e9ce3f1e01b6ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQNLbihFdgriZlONji8%2B2Ohws3%2FSDIDpEE6A8BfTh%2B3%2FNHUM3cWhwfn9629lHooQvZ1oErT7S3o4RxTRPbcEMraKYRjE7A5Q%2BSDMYkl1J3MsbNdGF7%2FKCY4d2YIyOnda4zxEeBHUiw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31592&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4219&recv_bytes=4454&delivery_rate=476&cwnd=12000&unsent_bytes=0&cid=1fbc9016124258b6&ts=244&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e867206fd613714-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 128ms
67ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-202409012.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"09282956186c8515ef0d208902803581"
age: 1905
expires: Fri, 29 Nov 2024 02:28:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 8e867207f9497464-MIA
server: cloudflare

POST
H2 200 count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 15 B
916 B 285ms
199ms XHR
text/html 2606:4700:3034::ac43:8d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:8d4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1fd1f8d1281333e7e2b5500bbf118f6c45da4c51f1e8f44f143c0f137731f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VlQ7MFCljOgMJnRA9D3G%2B2xDm7DN3yB6URzbPyofHvSAu76uS8hypy96QZywHqlU44r0Im0XB%2FzyRaLUK5AK4eO3fSix8N1Ba7Zx6zpecdbNx9wsUxhiMkRmOW%2F912lEkm7Fh9oHbRCsFtFcjeArDLczxg93"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=31821&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4032&recv_bytes=2372&delivery_rate=126507&cwnd=254&unsent_bytes=0&cid=614bef1b284b64e7&ts=207&x=0"
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672076c477425-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3

200

main.js Show response
beforeitsnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame 0D99
Redirect Chain

https://beforeitsnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://beforeitsnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

8 KB
4 KB

57ms
56ms

Script
application/javascript

172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75cc3525ba0aed9259ab5dd98dec7ba539a198348923abf976224d2b1f4ff71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=goJTPg2eNdPrEi%2FnWkSo8cKSih0dzaqipVtmuQad%2BMKf%2FHX6%2BNxIJnzGFJ4sGRILycPMezUUU8yO80Pp7IO9lro2%2B5mmLKoaCxh2kNWeHbKHmyM9PMaEESDl7ZRS2jMs%2FdW3FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e867207d84144db-ATL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46965&sent=872&recv=180&lost=0&retrans=0&sent_bytes=965735&recv_bytes=26288&delivery_rate=3756903&cwnd=379200&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=1009&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxYtrOZ8QrzKjT3YZSov6lfe0M52XWPNeFRicJhXfwLEpxpPHXMWH8oddHfo7XJEPZkvgKmQlyvNcOBHsCh05ZkVsGN7q2csRYTY5VShRbN3VWMoO%2BENBXMgXR3Cen1IcdhS9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e867206fed844db-ATL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=45548&sent=482&recv=123&lost=0&retrans=0&sent_bytes=514505&recv_bytes=23425&delivery_rate=1701170&cwnd=177600&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=876&x=1", cfHdrFlush;dur=1
date: Tue, 26 Nov 2024 02:28:29 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 547 KB
216 KB 131ms
61ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/

Response headers

content-encoding: gzip
age: 15337
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 22:12:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 22:12:53 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220753
x-xss-protection: 0
server: sffe

GET
H2 200 10864438442185062
customads.co/lad/ Frame 8E82 0
0 192ms
116ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=2365&embed_type=7&embed_frame_container_type=3
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 943
content-type: text/html; charset=utf-8
date: Tue, 26 Nov 2024 02:28:30 GMT
via: 1.1 google

GET
H2 200 10864440455450982
customads.co/lad/ Frame 4CC0 0
0 185ms
117ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=4232&embed_type=7&embed_frame_container_type=3
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 943
content-type: text/html; charset=utf-8
date: Tue, 26 Nov 2024 02:28:30 GMT
via: 1.1 google

GET
H2 200 9777028388081510
customads.co/lad/ Frame BFB2 0
0 186ms
124ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/9777028388081510?pubid=ld-6512-6157&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=4232&embed_type=7&embed_frame_container_type=3
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 943
content-type: text/html; charset=utf-8
date: Tue, 26 Nov 2024 02:28:30 GMT
via: 1.1 google

GET 2d97cc7c-703b-46bb-9d26-664b2091688d
https://beforeitsnews.com/ Frame 0
0

GET ec8db3ee-3257-4ed0-9478-95c8c3cbccc4
https://beforeitsnews.com/ Frame 0
0

GET d2fcac2c-3274-49fe-b679-01ff6351489e
https://beforeitsnews.com/ Frame 0
0

GET 507bf8df-5668-4cda-b558-b21a38018a30
https://beforeitsnews.com/ Frame 0
0

GET 1600291e-a3d1-470b-8baf-eb86b3b8998c
https://beforeitsnews.com/ Frame 0
0

GET 76703d70-1d4d-44b9-87b5-3fbfa1d1dc87
https://beforeitsnews.com/ Frame 0
0

GET 1f38c1de-ccd6-425b-a831-84a3febc28f5
https://beforeitsnews.com/ Frame 0
0

GET 645ce717-dada-4892-8915-1deb1eb0d0c4
https://beforeitsnews.com/ Frame 0
0

GET
H2 200 /
www.tradingview-widget.com/embed-widget/ticker-tape/ Frame 4E25 0
0 209ms
70ms Document
text/html 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tradingview-widget.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; script-src https://static.tradingview.com/static/ blob: https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-VasXzLnNu1AM3iKp94V2Hw=='; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=120
cdn-cache: HIT
cdn-cachedat: 11/26/2024 02:27:01
cdn-edgestorageid: 885
cdn-proxyver: 1.06
cdn-pullzone: 2118568
cdn-requestcountrycode: US
cdn-requestid: c1e8f4bde474aa5133d0821b2ec4492e
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-status: 200
cdn-uid: 0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; script-src https://static.tradingview.com/static/ blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-VasXzLnNu1AM3iKp94V2Hw=='; object-src 'none'
content-type: text/html; charset=utf-8
date: Tue, 26 Nov 2024 02:28:30 GMT
expires: Tue, 26 Nov 2024 02:28:35 GMT
referrer-policy: origin-when-cross-origin
server: BunnyCDN-NY1-885
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 /
rumble.com/embed/v5qrvct/ Frame DDD1 0
0 359ms
231ms Document
text/html 205.220.231.24
PATH-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/v5qrvct/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

205.220.231.24 Phoenix, United States, ASN396998 (PATH-NETWORK, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload max-age=31536000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private,max-age=1
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 02:28:30 GMT
link: <https://rumble.com/v5t10f5-tim-brown-joins-bradlee-dean-live.html>; rel="canonical"
server: openresty
strict-transport-security: max-age=31536000;includeSubDomains;preload max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 ogXo7X2pt2s
www.youtube.com/embed/ Frame 9C16 0
0 341ms
208ms Document
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ogXo7X2pt2s

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 02:28:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 10770438ce986abe82c56eee47f840b2f65779dd.jpeg
beforeitsnews.com/img/year2024/11/ 14 KB
15 KB 63ms
60ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/year2024/11/10770438ce986abe82c56eee47f840b2f65779dd.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

501d928ee8a11d9b7973733c58e816acf0cde52e85802fce081cf732dd7223b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5f3b3136-36b4"
age: 2073173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbBVuduuLiMBmxwA3PHylbqOUQg5oalcAHC3f8MAS1s9uaQL9Y4kJx9%2F2rDCVN8CqSoHLyYQCKZKe5xSOA09UrxfPX5ySUY4ObaOeBbNLbe0uol5tfFrQh0t9maSuWo1Nmjk%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 01 Nov 2025 04:00:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46606&sent=887&recv=186&lost=0&retrans=0&sent_bytes=982390&recv_bytes=28444&delivery_rate=71113&cwnd=379200&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=1160&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: image/jpeg
last-modified: Tue, 18 Aug 2020 01:39:02 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e867208c9d344db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14004
server: cloudflare

GET
H3 200 4650b593f0e99a6af4f9cff71b50574ff5eb7f6f.jpeg
beforeitsnews.com/img/year2024/11/ 12 KB
13 KB 69ms
67ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/year2024/11/4650b593f0e99a6af4f9cff71b50574ff5eb7f6f.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9585a6a9f307b6dc246da04f48e50ec7b76735ca9bdd9d9c5f96564fb279be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5f3b1914-2fc5"
age: 1800445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4X0csRiGnIamiwKseiVYm3uzXIDiVuwsqlCrxs6Edr2aqBftN2qT840abfz0HXSMxXjqP5U%2BrrqMIdxZIWWDLruwZsfjjusnA9cz%2Fca8PEHfcopb5c3FXCDYy1LeTEPIhbk%2BuA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 01 Nov 2025 04:00:04 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46606&sent=887&recv=186&lost=0&retrans=0&sent_bytes=982390&recv_bytes=28444&delivery_rate=71113&cwnd=379200&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=1160&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: image/jpeg
last-modified: Mon, 17 Aug 2020 23:56:04 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e867208c9da44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12229
server: cloudflare

GET
H3 200 70189017dfbe10d1266577b2701c43e156554529.jpg
beforeitsnews.com/img/banner_contract/ 68 KB
69 KB 81ms
79ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/70189017dfbe10d1266577b2701c43e156554529.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9864dcf84a8454f6e555202b5713c5b3d66575f8abee347de008403fa8c14e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "633e27e6-10f96"
age: 1690285
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZlwAyqsosMGKd8thQsaKlODWa2JssCcwdDAERM3jfF6rCXWY6gL3DlhGosYKS3wYRt%2BN7dOGeSKQC2Ccnstx9taU2CtSRYQjYQxsNfaaR5kkrd2JiWZ3PoxRrQy8usgtYbfpbg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 14 Oct 2025 17:36:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46606&sent=950&recv=186&lost=0&retrans=0&sent_bytes=1055598&recv_bytes=28444&delivery_rate=71113&cwnd=379200&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=1178&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: image/jpeg
last-modified: Thu, 06 Oct 2022 00:57:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e867208c9dc44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69526
server: cloudflare

GET
H3 200 f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg
beforeitsnews.com/img/banner_contract/ 36 KB
37 KB 61ms
59ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner_contract/f97bdd5e1f13d3b5fd64f1b071040a69bea99a92.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "60a8f625-8ea0"
age: 1778601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLsvIOTVRqCd%2BWjPLSC8sxFJnDBGa1E7cNhK%2FXYjZJkOgkw5z5qsKhB5eLsYHCsRTV7GLmI1wIW5iFM9fUxKA2s6hwx6PQZqihEvnPzb88Vmde%2BjLpEcZwnR6J9yrdvrpbbrKg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Wed, 05 Nov 2025 11:16:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46606&sent=877&recv=186&lost=0&retrans=0&sent_bytes=970390&recv_bytes=28444&delivery_rate=71113&cwnd=379200&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=1160&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: image/jpeg
last-modified: Sat, 22 May 2021 12:16:37 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e867208c9df44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36512
server: cloudflare

GET
H3 200 94ffcdb0680690132d3ef97592cbc74e20387484.jpeg
beforeitsnews.com/img/year2024/11/ 17 KB
18 KB 69ms
67ms Image
image/jpeg 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/year2024/11/94ffcdb0680690132d3ef97592cbc74e20387484.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9054eb850682d3eb5239c7478a52bfae0ff44261d324f9dbf4a82e38fd90fc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5c50f079-42ae"
age: 1770326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yc5%2F8k4SucD0foBIRj7Q4tKvmCyIwlV1j4Z8rxR9GVpyzFK2SUG4twCasFPY3qoHZFJqZuJpa7k72Y0zbCSFrz%2B%2FyA7P4PGiEyu%2Bon24T%2FIY7JW7kGBZa3jpZ90%2Bre3%2By8D%2B0A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Sat, 01 Nov 2025 04:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46606&sent=934&recv=186&lost=0&retrans=0&sent_bytes=1037235&recv_bytes=28444&delivery_rate=71113&cwnd=379200&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=1161&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: image/jpeg
last-modified: Wed, 30 Jan 2019 00:31:53 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e867208c9e044db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17070
server: cloudflare

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/ 22 KB
4 KB 76ms
74ms Stylesheet
text/css 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.6BYrwBw7ZeM.O/am=DgY/d=1/rs=AN8SPfpXt_vk9FwGq23F42u3ZkEBhWyzXg/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: gzip
age: 333999
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 05:41:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 05:41:51 GMT
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4144
x-xss-protection: 0
server: sffe

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.6BYrwBw7ZeM.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqPny87txpCFshCaCIprMA4GeWYmw/ 213 KB
74 KB 212ms
65ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.6BYrwBw7ZeM.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqPny87txpCFshCaCIprMA4GeWYmw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.6BYrwBw7ZeM.O/am=DgY/d=1/rs=AN8SPfpXt_vk9FwGq23F42u3ZkEBhWyzXg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb53fabc05829893de8084627ad842fe1807c0eadf634985c3a9405369916914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: gzip
age: 29888
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 18:10:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 18:10:22 GMT
last-modified: Fri, 22 Nov 2024 22:11:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75107
x-xss-protection: 0
server: sffe

POST
H3 200 8e86720358c544db Show response
beforeitsnews.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 0D99 0
1 KB 73ms
66ms XHR
text/plain 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/challenge-platform/h/g/jsd/r/8e86720358c544db

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mpfmsVt0ncbyEWcsrcnXobS1ePmu7uAUZFOzqePqp%2FuXdb3wXwXo4DgqWeTDKw%2FoSpx9QhFBEZCHAPpJs6hDNrgJGzLlPaC1roGLT3KxZnPhW2NCeHrOfzZBwx7SlU%2BodgUY4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e8672097b3244db-ATL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46304&sent=1016&recv=217&lost=0&retrans=0&sent_bytes=1127749&recv_bytes=46312&delivery_rate=2899257&cwnd=379200&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=1282&x=1", cfHdrFlush;dur=0
content-length: 0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 YqCruUbpsk4
www.youtube.com/embed/ Frame B840 0
0 144ms
130ms Document
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YqCruUbpsk4?si=ShWbPJOx2zN-Zjy-

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 02:28:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 206
Partial Content 6c1160a1-8434-4b70-8433-c1757e403556
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/6c1160a1-8434-4b70-8433-c1757e403556
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Type: video/mp4
Content-Range: bytes 0-1492/1493
Content-Length: 1493

GET
BLOB 206
Partial Content eeedb21c-1bdd-48b9-8ccb-d4c32a0524d2
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/eeedb21c-1bdd-48b9-8ccb-d4c32a0524d2
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Type: video/mp4
Content-Range: bytes 0-1492/1493
Content-Length: 1493

GET
BLOB 206
Partial Content 68083cbe-700e-43ac-8d3b-552ed8527afd
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/68083cbe-700e-43ac-8d3b-552ed8527afd
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Type: video/mp4
Content-Range: bytes 0-1492/1493
Content-Length: 1493

GET
BLOB 206
Partial Content 00abdd09-e6d9-4bec-a8d3-4de3d304766e
https://beforeitsnews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beforeitsnews.com/00abdd09-e6d9-4bec-a8d3-4de3d304766e
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Type: video/mp4
Content-Range: bytes 0-1492/1493
Content-Length: 1493

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 77ms
77ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"7e91359b46e1da637080a03b759164fa"
age: 2869
expires: Fri, 29 Nov 2024 02:28:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 8e8672099bd27464-MIA
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 220ms
99ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nerangee.com
URL: https://nerangee.com/easylist/12098

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

f2b2a8a1fb15fbdd74a94eb7c8dfc5b9992cc436b2b678eef1cf6e162beb899e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: br
etag: 7439648307973024330
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 02:28:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53301
x-xss-protection: 0
server: cafe

GET
H3 200 advertising.js Show response
rddywd.com/ 9 B
652 B 110ms
48ms Script
application/javascript 172.67.138.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: nerangee.com
URL: https://nerangee.com/easylist/12098
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cf-cache-status: HIT
age: 48359
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gT8FZqjM%2BcJTfCcQoAE%2B0EOE6SKdVw2%2Bcvf%2F8lLc3oQXkzSnbHFVr7lJlVzy51cBCEw%2FSmNyXi1tpfSaTxQFP8R23ItDVfVFcDK7wsb%2F4Hcu4hb9TKkGtrFTx316"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31282&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4132&recv_bytes=4232&delivery_rate=89392&cwnd=12000&unsent_bytes=0&cid=1d40a27a86852ecc&ts=63&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 13:02:31 GMT
vary: Accept-Encoding
cache-control: public, max-age=86401
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e867209f827a671-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9
server: cloudflare

GET
H3 200 adcode.png
rddywd.com/ 43 B
685 B 114ms
53ms Image
image/gif 172.67.138.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/

Response headers

cf-cache-status: HIT
age: 48912
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkINLryS3B4Sgzq27RHngNC7NqtSbovCJ%2BOiTRjNutrrvqeO6IUSbxDIJ95t0XSCLKyZh5OduJV5esAoM4o%2B0oTDWjmzc2gBKe%2FqGMZimKZgAqwcjJBI24F%2B1ATG"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32375&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4131&recv_bytes=4316&delivery_rate=85811&cwnd=12000&unsent_bytes=0&cid=035c6249bd2cd31d&ts=69&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
vary: Accept-Encoding
cache-control: public, max-age=86401
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e867209fe8eb3e5-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 204 generate_204
www.googleapis.com/ 0
117 B 218ms
69ms Image
text/plain 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 26 Nov 2024 02:28:30 GMT
cross-origin-resource-policy: cross-origin

GET
H3 200 /
c.mgid.com/pv/ 43 B
205 B 84ms
73ms Image
image/gif 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fbeforeitsnews.com%2F&cbuster=1732588110343108542087&pvid=193664c82079a267dd5&implVersion=17&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&site=310742&cid=720413&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e867209c8186db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: image/gif
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 201ms
62ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: gzip
age: 1182
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 04:08:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:08:48 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 204 td
www.googletagmanager.com/ 0
332 B 83ms
81ms Image
text/plain 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=GTM-5D8XJ6Q&v=3&t=t&pid=177271241&dl=beforeitsnews.com%2F&tdp=GTM-5D8XJ6Q;62245780;0;0;0&frm=0&rtg=62245780&slo=18&hlo=37&lst=1&z=0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 0BB5 0
0 225ms
97ms Document
text/html 142.251.41.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&co=aHR0cHM6Ly9iZWZvcmVpdHNuZXdzLmNvbTo0NDM.&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=5yjvgw96vtz5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_tEXcAsj-mwnUMB-8oSHTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_tEXcAsj-mwnUMB-8oSHTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 02:28:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 web Show response
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 4 KB
2 KB 151ms
94ms Script
text/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95177cc64ba652612c32382178011176f71a53ac9c2487c77ddc3c089272efd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-request-id: 0c9353be-3a4e-422f-bb40-b1aba17d805b
content-encoding: br
cf-cache-status: HIT
etag: W/"95177cc64ba652612c32382178011176"
age: 2619
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:28:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 02:28:30 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.028439
priority: u=3,i=?0
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 8e86720afa17db2d-MIA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
DATA 200
OK truncated
/ Frame 3C80 0
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/ Frame E646 22 KB
0 76ms
74ms Stylesheet
text/css 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/m=el_main_css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.6BYrwBw7ZeM.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqPny87txpCFshCaCIprMA4GeWYmw/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: gzip
age: 333999
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 05:41:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 05:41:51 GMT
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4144
x-xss-protection: 0
server: sffe

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 72ms
69ms Image
image/svg+xml 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: gzip
age: 374442
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 18:27:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 18:27:48 GMT
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3340
x-xss-protection: 0
server: sffe

GET
H3 200 cleardot.gif
www.google.com/images/ 43 B
65 B 91ms
89ms Image
image/gif 142.251.41.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f4.1e100.net

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 43
date: Tue, 26 Nov 2024 02:28:30 GMT
x-xss-protection: 0
content-type: image/gif
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 62ms
60ms Image
image/png 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/m=el_main_css

Response headers

age: 6266
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 00:44:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 00:44:04 GMT
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 1842
x-xss-protection: 0
server: sffe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
373 B 78ms
76ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1687590441&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1671925577&gjid=1100720269&cid=1212335341.1732588111&tid=UA-16055024-1&_gid=849976291.1732588111&_r=1&_slc=1&gtm=45He4bk0n815D8XJ6Qv862245780za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=538102539

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

244e78367abd0c19f7f065ea29e6fb5433d63dda554f728d53daec8bea9aab43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://beforeitsnews.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:30 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://beforeitsnews.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
407 B 67ms
65ms Image
image/gif 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1687590441&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1212335341.1732588111&tid=UA-16055024-1&_gid=849976291.1732588111&gtm=45He4bk0n815D8XJ6Qv862245780za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1071059962

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

age: 21122
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 20:36:28 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 67ms
66ms Image
image/gif 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

age: 21122
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 20:36:28 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
101 KB 80ms
79ms Script
application/javascript 142.250.176.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6HC1RQLPR&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f8c1688775082e4596a2213fb04684c036d7040929152a957e14ee00e2d3dc49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 26 Nov 2024 02:28:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103099
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 63ms
51ms Image
image/svg+xml 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"617c205137825561208ef7c1a2d8f319"
age: 5933
expires: Wed, 27 Nov 2024 02:28:31 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
vary: Accept-Encoding
x-amz-id-2: M0DJOimsdAPPZ1XbpBCYQl0Qdd6gsxLJ++Pk5zeUnUpxKSAHGf/I28s3ShIgAVtwaVMNYJxgUFM=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
x-amz-request-id: C3062BSN3X22DNXE
cf-ray: 8e86720eee7e6db0-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 63ms
52ms Image
image/svg+xml 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
age: 4988
expires: Wed, 27 Nov 2024 02:28:31 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
vary: Accept-Encoding
x-amz-id-2: +N3Z0N/Kshclq4jrPKvmLy+mk3tyCyKUgB1N6zUHLdp5CEMwgXaY+pQ+tginQdiLJ7oicjWISEM=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
x-amz-request-id: 7B7HQBNSZ90QJPRT
cf-ray: 8e86720eee7c6db0-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 64ms
63ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/

Response headers

age: 311223
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 12:01:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 12:01:28 GMT
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16224
x-xss-protection: 0
server: sffe

GET
H3

204

https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je4bk0v9134588528za200&_p=1732588109815&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~1020814...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=16756617193115734359&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&d...

0
0

97ms
97ms

Fetch
text/plain

216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=16756617193115734359&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=16756617193115734359&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 356ms
65ms Ping
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X6HC1RQLPR&cid=1212335341.1732588111&gtm=45je4bk0v9134588528za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6HC1RQLPR&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://beforeitsnews.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 5EC5 0
0 335ms
83ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-X6HC1RQLPR&gacid=1212335341.1732588111&gtm=45je4bk0v9134588528za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2132492497

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6HC1RQLPR&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 02:28:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

204

https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je4bk0v9134588528za200&_p=1732588109815&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=e...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=4631826523964094093&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl...

0
0

75ms
75ms

Fetch
text/plain

216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=4631826523964094093&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=4631826523964094093&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H3

204

https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je4bk0v9134588528za200&_p=1732588109815&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=e...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=14379166718986805167&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&d...

0
0

63ms
62ms

Fetch
text/plain

216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=14379166718986805167&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1212335341.1732588111&dbk=14379166718986805167&dma=0&en=page_view&gtm=45je4bk0v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H3 200 1 Show response
servicer.mgid.com/720413/ 2 KB
1 KB 390ms
376ms Script
application/x-javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/720413/1?nocmp=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&w=370&h=331&ident_p=true&sz=366x284&szp=1&szl=1&sessionId=6745324f-02366&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fbeforeitsnews.com%2F&cbuster=1732588111368476144620&pvid=193664c82079a267dd5&implVersion=17&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&uniqId=05081&niet=4g&nisd=false&jsp=head&pv=5&lct=1732267860&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=d24ded37&tfre=1801

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff0350a8ea37795864aa65231f570e2876494faa9377357f7e4dc67e8e91f9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8e86721038696db0-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 1 Show response
servicer.mgid.com/351459/ 6 KB
2 KB 397ms
384ms Script
application/x-javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/351459/1?nocmp=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&w=370&h=1096&sz=366x247&szp=1,2,3,4&szl=1;2;3;4&sessionId=6745324f-02366&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fbeforeitsnews.com%2F&cbuster=1732588111370952837174&pvid=193664c82079a267dd5&implVersion=17&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&niet=4g&nisd=false&jsp=head&pv=5&lct=1732267860&jsv=es6&pageView=0&dpr=1&ref=&hashCommit=d24ded37&tfre=1803

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47d393c2a6b1494362d3c578e6bcac8235d4c43ac5f1cf0de81450206e298397

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8e86721038656db0-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 1 Show response
servicer.mgid.com/720415/ 2 KB
1 KB 388ms
376ms Script
application/x-javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/720415/1?nocmp=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&w=370&h=331&ident_p=true&sz=366x284&szp=1&szl=1&sessionId=6745324f-02366&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fbeforeitsnews.com%2F&cbuster=1732588111371835346508&pvid=193664c82079a267dd5&implVersion=17&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&uniqId=0b8ac&niet=4g&nisd=false&jsp=head&pv=5&lct=1732267860&jsv=es6&pageView=0&dpr=1&ref=&hashCommit=d24ded37&tfre=1804

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96706c56efbb5ca6197b990e9972f0903d43c9b5e6ff9bb35ab80971dfd588d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8e86721038676db0-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 1 Show response
servicer.mgid.com/1625435/ 3 KB
2 KB 392ms
381ms Script
application/x-javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1625435/1?nocmp=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&w=370&h=322&ident_p=true&sz=366x271&szp=1&szl=1&sessionId=6745324f-02366&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fbeforeitsnews.com%2F&cbuster=1732588111372337368938&pvid=193664c82079a267dd5&implVersion=17&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&uniqId=089ec&niet=4g&nisd=false&jsp=head&pv=5&lct=1732267860&jsv=es6&pageView=0&dpr=1&ref=&hashCommit=d24ded37&tfre=1805

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

589cdd2a2847a1c03989b45bcb37dbb31cfb1916f1213b06551eb1576ef6c8f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8e86721038646db0-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame C419 0
0 87ms
87ms Document
text/html 142.251.41.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aIiypYgdQKesVI3gORZIxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aIiypYgdQKesVI3gORZIxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 02:28:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 60ms
60ms Stylesheet
text/css 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
age: 2608
expires: Thu, 26 Dec 2024 02:28:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: text/css
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 google
cf-ray: 8e8672117d39db2d-MIA
server: cloudflare

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 44 B
740 B 392ms
391ms Fetch
application/json 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-request-id: a75e8d09-8dcf-4e07-a071-2a4d05780a26
cf-cache-status: REVALIDATED
etag: W/"e51140cdcd044ad76335646936ec5319"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin, Accept-Encoding
x-runtime: 0.013278
priority: u=1,i
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 8e867211e9f267cf-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 206 66b4a6a7c4fa295d16b59e3522c80bb8.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2024-10/871078/ 656 KB
657 KB 109ms
54ms Media
video/mp4 172.64.153.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2024-10/871078/66b4a6a7c4fa295d16b59e3522c80bb8.mp4?v=1732588111-_LWwmrUAorXUkLUPMnPevQrt16EuF3QaOxO6U1Tka3o

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.153.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b17513e40d0d98530620a7ce10c2c79bff5951ac151c43815a734ecf5ef44b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-robots-tag: noindex
x-request-id: 152e6f67ecdd2c687b08abff91020c5a
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cf-cache-status: HIT
etag: "f60ae7f9516f332109943c116e726d7c"
age: 3414169
x-content-type-options: nosniff
server-timing: cld-cloudflare;mitm=c;dur=33;start=2024-10-17T14:03:03.386Z;desc=hit,content-info;desc="width=680,height=452,abps=80319,fps=30.0,du=8.367,vc="h264",bytes=672004,owidth=640,oheight=360,oabps=150213,ofps=30.0,odu=8.367,ovc="h264",obytes=1256778,oformat="mp4",ef=(18,61,65);", cfExtPri
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: video/mp4;codecs=avc1
last-modified: Thu, 17 Oct 2024 14:02:19 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
Content-Range: bytes 0-672003/672004
cf-ray: 8e8672130cbbb3d4-MIA
access-control-allow-origin: *
Content-Length: 672004
server: cloudflare

GET
H3 206 3f549f281afa172c9d079f27d4e9a6f9.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2024-07/871078/ 193 KB
193 KB 135ms
88ms Media
video/mp4 172.64.153.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2024-07/871078/3f549f281afa172c9d079f27d4e9a6f9.mp4?v=1732588111-U5XqcDNRIyxzBl23tEfU7U6z0dzuowj-XkkrQeJ0Qv0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.153.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36aa52a9348b2a59c5145216004c98f64826bc554059f31f99b10ab289fa9944

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-robots-tag: noindex
x-request-id: 126031034aaedab1716bc9305f9645e8
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cf-cache-status: HIT
etag: "2238c89c414470b81e2d8f9af6864979"
age: 572648
x-content-type-options: nosniff
server-timing: cld-cloudflare;mitm=c;dur=202;start=2024-09-03T14:47:40.300Z;desc=miss,content-info;desc="width=680,height=452,abps=39393,fps=29.97,du=5.005,vc="h264",bytes=197161,owidth=640,oheight=360,oabps=107841,ofps=29.97,odu=5.005,ovc="h264",obytes=539743,oformat="mp4",ef=(18,61,65);";cloudinary;dur=137;start=2024-09-03T14:47:40.355Z, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: video/mp4;codecs=avc1
last-modified: Fri, 26 Jul 2024 10:58:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
Content-Range: bytes 0-197160/197161
cf-ray: 8e8672130cb9b3d4-MIA
access-control-allow-origin: *
Content-Length: 197161
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wOC8xODU3NzcvMjg0N...
s-img.mgid.com/g/21180293/492x277/-/ 10 KB
10 KB 147ms
95ms Image
image/webp 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/21180293/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wOC8xODU3NzcvMjg0NDE1NzA2YTU2ZWM5YzFjNDg5NWNjNThiODYxMzMuanBn.webp?v=1732588111-Co6oTUnVPcexSY0VpU6ODzbuyrML5Cnl7UjkqvsDszc

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406469a59292e52a233c636ae8e8d2ad8c60d69d7cc25b445e0a748870bbfe75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 2377523
x-mg-request-uuid: 6aabed38-8ff0-4d4a-bfc0-10b9d9c1436a
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: image/webp
last-modified: Tue, 29 Oct 2024 13:55:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8e8672131ac93361-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10264
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMS8xODU3NzcvNzc1Y...
s-img.mgid.com/g/18409314/492x277/-/ 11 KB
11 KB 145ms
94ms Image
image/webp 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18409314/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMS8xODU3NzcvNzc1YTM0M2VjZWY1ZjY1OGIzOTVmMzE0MzI4MGQwZGYuanBn.webp?v=1732588111-aUqaGI2LwjvZW42OsTu8HcWy_5qKFP3FT-Set3NljJk

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b390b45c1aa0277fdf3e9edbc737ead2d23fef08283fbcf784cf77bc76bdb80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 15429922
x-mg-request-uuid: b1fc1e89-2e7b-4630-9b7a-cfa6fa65df3d
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: image/webp
last-modified: Wed, 27 Mar 2024 13:01:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8e8672131ac63361-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10948
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0xMC8xODU3NzcvOWRlM...
s-img.mgid.com/g/20879970/492x277/-/ 17 KB
18 KB 115ms
64ms Image
image/webp 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/20879970/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0xMC8xODU3NzcvOWRlMjJlOGFmMzk5Mjg3YTcwY2ZmMmFhZjU1NGI1NjIuanBn.webp?v=1732588111-isp6WSzn32NrW26NOk_j7GB-i-wwzatMv2B7od_iuoA

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01575905ac67e24013bcd19acc00f7671a845084870d568847360f3dc4a4fdae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 4774377
x-mg-request-uuid: f11fa4dc-fc38-41c8-ae7f-45de5456f422
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: image/webp
last-modified: Tue, 01 Oct 2024 20:15:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8e8672131ac33361-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17770
server: cloudflare

GET
H3 206 3f549f281afa172c9d079f27d4e9a6f9.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2024-07/871078/ 158 KB
159 KB 116ms
87ms Media
video/mp4 172.64.153.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2024-07/871078/3f549f281afa172c9d079f27d4e9a6f9.mp4?v=1732588111-fWQSgqNoXk9LcN5rVfLTLgIbThLCg2txJ1In99zCSkA

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.153.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5894da8f26bdefc18dbea66e1ec3e305c07ec483fb3740b0c815bae0f26317

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-robots-tag: noindex
x-request-id: 5e33179568aa03ebcd118a1bd313d9fc
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cf-cache-status: HIT
etag: "722e92ddc7b2be85d28f32953b7cd7a7"
age: 2786748
x-content-type-options: nosniff
server-timing: cld-cloudflare;mitm=c;dur=254;start=2024-10-23T18:02:35.068Z;desc=miss,content-info;desc="width=680,height=382,abps=32395,fps=29.97,du=5.005,vc="h264",bytes=162139,owidth=640,oheight=360,oabps=107841,ofps=29.97,odu=5.005,ovc="h264",obytes=539743,oformat="mp4",ef=(18,61,65);";cloudinary;dur=159;start=2024-10-23T18:02:35.117Z, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: video/mp4;codecs=avc1
last-modified: Fri, 26 Jul 2024 10:57:59 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
Content-Range: bytes 0-162138/162139
cf-ray: 8e8672130cb8b3d4-MIA
access-control-allow-origin: *
Content-Length: 162139
server: cloudflare

GET
H3 206 91bcae517f6147aadf997e0cefb0da0a.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2024-10/185777/ 162 KB
162 KB 113ms
85ms Media
video/mp4 172.64.153.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2024-10/185777/91bcae517f6147aadf997e0cefb0da0a.mp4?v=1732588111-0yPoAyRJQVYkxg2595vEB3V97jco5X52NYNVRnwutos

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.153.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8313adcaa50d3de366508ea75fa1493de5f6023c7068ef7284b377f24dfe10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-robots-tag: noindex
x-request-id: 34554dca88736fa2f5d8ae3f8cc37a72
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cf-cache-status: HIT
etag: "bdfa3b2c27ca0b2d8d1199eebfc764a7"
age: 3684650
x-content-type-options: nosniff
server-timing: cld-cloudflare;mitm=c;dur=151;start=2024-10-14T08:49:21.840Z;desc=miss,content-info;desc="width=680,height=382,abps=36136,fps=60.0,du=4.583,vc="h264",bytes=165624,owidth=680,oheight=382,oabps=40488,ofps=60.0,odu=4.583,ovc="h264",obytes=185570,oformat="mp4",ef=(18,61,65);";cloudinary;dur=118;start=2024-10-14T08:49:21.868Z, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: video/mp4;codecs=avc1
last-modified: Fri, 11 Oct 2024 13:12:11 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
Content-Range: bytes 0-165623/165624
cf-ray: 8e8672130cb5b3d4-MIA
access-control-allow-origin: *
Content-Length: 165624
server: cloudflare

GET
H2 200 adSrcNoUi.js Show response
video-native.mgid.com/scripts/ 1 KB
807 B 135ms
35ms Script
application/x-javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/scripts/adSrcNoUi.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache: HIT
content-encoding: gzip
etag: "56d-5b05ee52e311c-gzip"
age: 649817
expires: Tue, 18 Nov 2025 13:58:14 GMT
traceparent: 00-5dabd06d2cef12f1b31eff2e154ab188-4c756c831754f6a8-01
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: application/x-javascript
last-modified: Mon, 28 Sep 2020 12:35:01 GMT
vary: Accept-Encoding
cache-control: max-age=290304000, public
x-id: mi1-hw-edge-gc30
accept-ranges: bytes
access-control-allow-origin: *
content-length: 481
x-cached-since: 2024-11-18T13:58:14+00:00
server: nginx

GET
H/1.1 200
OK aniview.js Show response
player.aniview.com/script/6.1/ 47 KB
17 KB 280ms
70ms Script
text/javascript 2600:141b:1c00:30::1739:5a6f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:30::1739:5a6f Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d3c9edef51f84c5aba02913c04dbd3952b060b0c7dadb2504906089af0771dc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-goog-metageneration: 2
Access-Control-Expose-Headers: Content-Type
Content-Encoding: gzip
x-goog-hash: crc32c=5wWHLQ==, md5=uEUnCKGEpeA3g5Pr/fKFMA==
ETag: "b8452708a184a5e0378393ebfdf28530"
x-goog-stored-content-encoding: gzip
Expires: Tue, 26 Nov 2024 02:43:32 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length: 16459
Date: Tue, 26 Nov 2024 02:28:32 GMT
Last-Modified: Mon, 25 Nov 2024 11:34:34 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
X-GUploader-UploadID: AFiumC7nwldm7SNPHxVG5JtSofNb_lG4VDIBy6Ne_z3IYrHUupCek16-l4aAPuvoKITHA7IGb62qdbhRgw
Cache-Control: public, no-transform, max-age=900
x-goog-storage-class: MULTI_REGIONAL
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
x-goog-generation: 1732534474210510
Content-Length: 16459
Server: UploadServer

GET
H2 200 track
track1.aniview.com/ 0
169 B 205ms
64ms Image
text/plain 172.240.45.75
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5ac2203f073ef46a6856c7b0&cid=66476b6442315e17210826fc&e=playerLoaded&cb=1732588111822
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443";ma=60;
content-length: 0
date: Tue, 26 Nov 2024 02:28:31 GMT

GET
H3 200 /
c.mgid.com/vs/ 43 B
201 B 89ms
89ms Image
image/gif 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/vs/?iid=1625435&e=inview&h=null&o={%22timeOffset%22%3A0%2C%22muidn%22%3A%22oapv16dr7Fsi%22%2C%22playerEngine%22%3A%22aniview%22%2C%22adPlayer%22%3A0%2C%22uuid%22%3A%2220bdf5b0-ab9e-11ef-80df-c84bd6836428%22%2C%22subId%22%3A0%2C%22sticky%22%3A1%2C%22viewable%22%3A100%2C%22tt%22%3A%22Direct%22}&t=0&c=37180&scua=&scub=&scu=&scufvl=&scum=%253F0&scumd=&scup=&scupv=&scufv=&scuw=%253F0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e867212fbde6db0-MIA
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:31 GMT
content-type: image/gif
server: cloudflare

GET
H3 200 i.js Show response
cm.mgid.com/ 5 KB
2 KB 101ms
84ms Script
application/javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?muid=oapvJTTNS0si&cbuster=1732588111835622578982

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e84428958b5216e221b962024631a522ee4152ddc92af6712dbce0798c67a7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e867213ccd66db0-MIA
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 100 KB
29 KB 143ms
42ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"14cd899b51c2c37c71fbf5e1ae6fe38b"
age: 20
expires: Tue, 26 Nov 2024 03:28:32 GMT
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 13 Nov 2024 11:06:09 GMT
vary: Accept-Encoding
x-amz-id-2: 7Qqpiicodwzio1cm6mzkILUchlN2sl0qJq37RXXXYRiUl+Ooru3sTj4gS7e2jZ7etNHtoFlS6K4=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
x-amz-request-id: 7MY7EGWPAZ98F101
cf-ray: 8e8672145bf209ce-MIA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2

200

/
hde.tynt.com/deb/ Frame AB8E
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1

0
0

75ms
64ms

Document
text/html

67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=oapvJTTNS0si&cbuster=1732588111835622578982
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 1691
content-type: text/html
date: Tue, 26 Nov 2024 02:28:32 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

GET
H2 200 /
usync.ingage.tech/ Frame ADFE 0
0 131ms
54ms Document
text/html 2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.ingage.tech/?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834146%26c%3D%24UID
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=oapvJTTNS0si&cbuster=1732588111835622578982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 21031
cf-cache-status: DYNAMIC
cf-ray: 8e867214fdea4976-MIA
content-encoding: gzip
content-type: text/html
date: Tue, 26 Nov 2024 02:28:32 GMT
last-modified: Mon, 25 Nov 2024 20:37:36 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 528d2e31620ff7fe79cc8d8dbc002cc6.cloudfront.net (CloudFront)
x-amz-cf-id: xjxNNVWrByfbxKQIl7wc7ar8sRKzcgmxVNa2bMs6l0AhgW04AAq4_Q==
x-amz-cf-pop: MIA50-P2
x-amz-version-id: RuOrJ_J57Tde7A.bVOkDbbazAccPS7Sm
x-cache: Hit from cloudfront

GET
H2 200 /
onetag-sys.com/usync/ Frame EA37 0
0 315ms
84ms Document
text/html 51.222.239.230
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=oapvJTTNS0si&cbuster=1732588111835622578982

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2

200

usync.html
eus.rubiconproject.com/ Frame 529C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

0
0

235ms
64ms

Document
text/html

23.195.94.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=oapvJTTNS0si&cbuster=1732588111835622578982
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-94-138.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 02:28:32 GMT
etag: "2052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
server: AkamaiGHost

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjcxMjhEMTUtRjJDRS00MDQ0LTkyNDItMTkzNTBFNEU1NThD&gdpr=0&gdpr_consent=&google_cm
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIkk6wNK8kwRKFPhbcdvrTg&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3DB7128D15-F2CE-4044-9242-19350E4E558C
https://cm.mgid.com/m?cdsp=712807&c=B7128D15-F2CE-4044-9242-19350E4E558C

43 B
556 B

110ms
104ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=712807&c=B7128D15-F2CE-4044-9242-19350E4E558C

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e86721b4f156db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://cm.mgid.com/m?cdsp=712807&c=B7128D15-F2CE-4044-9242-19350E4E558C
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 26 Nov 2024 02:28:33 GMT
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://cm.idealmedia.io/i.gif?muidf=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy=
https://cm.mgid.com/i.gif?muidf=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy=
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F31342%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43eb-8e21-ed14914cfb97%26bidder...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F31342%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%2...
https://prebid.a-mo.net/cchain/0/31342?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=1b8efe92-5857-43eb-8e21-ed14914cfb97&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid...
https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F31342%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43eb-8e21-...
https://prebid.a-mo.net/cchain/4/31342?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=1b8efe92-5857-43eb-8e21-ed14914cfb97&bidder=amx_com&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=...
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F31342%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%...
https://prebid.a-mo.net/cchain/6/31342?us_privacy=1---&gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=1b8efe92-5857-43eb-8e21-ed14914cfb97&bidder=index_rtb&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A...
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:220823cb-26e4-4ab6-a01e-a152928b5b27&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=

0
238 B

60ms
59ms

Image
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

date: Tue, 26 Nov 2024 02:28:33 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 26 Nov 2024 02:28:32 GMT
server: nginx

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
https://cm.mgid.com/m?cdsp=501037&c=gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

43 B
723 B

76ms
76ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=501037&c=gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e8672182b076db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
location: https://cm.mgid.com/m?cdsp=501037&c=gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT, Tue, 26 Nov 2024 02:28:32 GMT
pragma: no-cache
vary: Accept-Encoding

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?gdpr=0&gdpr_consent=&ccpa=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D
https://cm.mgid.com/m?cdsp=675043&c=e2232524-8ac5-4049-bda1-3c22518ae450

43 B
478 B

77ms
77ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=675043&c=e2232524-8ac5-4049-bda1-3c22518ae450

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e8672161fc46db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Location: https://cm.mgid.com/m?cdsp=675043&c=e2232524-8ac5-4049-bda1-3c22518ae450
Pragma: no-cache
Connection: keep-alive
Expires: 0
Content-Length: 0
Date: Tue, 26 Nov 2024 02:28:32 GMT
Server: nginx

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/
Redirect Chain

https://ps.eyeota.net/match?bid=dn2m51u&uid=oapv16dr7Fsi&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=oapv16dr7Fsi&gdpr=0&gdpr_consent=

70 B
440 B

58ms
58ms

Image
image/gif

44.196.77.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=oapv16dr7Fsi&gdpr=0&gdpr_consent=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Server: 44.196.77.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-77-126.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date: Tue, 26 Nov 2024 02:28:32 GMT
Content-Type: image/gif

Redirect headers

Location: /match/bounce/?bid=dn2m51u&uid=oapv16dr7Fsi&gdpr=0&gdpr_consent=
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date: Tue, 26 Nov 2024 02:28:32 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.360yield.com/match?external_user_id=oapv16dr7Fsi&publisher_dsp_id=489&dsp_callback=1&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834124%26c%3D%7BPUB_USER_ID%7D
https://match.360yield.com/ul_cb/match?external_user_id=oapv16dr7Fsi&publisher_dsp_id=489&dsp_callback=1&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834124%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=834124&c=93f5ca43-afec-4a57-8008-46a66bf12883

43 B
494 B

80ms
79ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=834124&c=93f5ca43-afec-4a57-8008-46a66bf12883

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e86721759ad6db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

access-control-allow-origin: *
location: https://cm.mgid.com/m?cdsp=834124&c=93f5ca43-afec-4a57-8008-46a66bf12883
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: text/plain

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://b1sync.zemanta.com/usersync/mgid/?puid=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D
https://b1sync.zemanta.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&puid=oapv16dr7Fsi&s=2&us_privacy=
https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0

43 B
494 B

83ms
81ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e867216f9096db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
location: https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
content-length: 83
p3p: CP="We do not support P3P header."
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: text/html; charset=utf-8

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=8b67b9cb-2762-43ab-a72b-b1c5fcac187f

43 B
509 B

90ms
89ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=287839&c=8b67b9cb-2762-43ab-a72b-b1c5fcac187f

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e867217aa336db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: //cm.mgid.com/m?cdsp=287839&c=8b67b9cb-2762-43ab-a72b-b1c5fcac187f
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:28:32 GMT

GET
H2

200

1000.gif
id.rlcdn.com/
Redirect Chain

https://id.rlcdn.com/712056.gif?
https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCNDklLoGEgUI6AcQAEIASgA

42 B
301 B

71ms
70ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCNDklLoGEgUI6AcQAEIASgA
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: no-cache, no-store
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 42
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif

Redirect headers

cache-control: no-cache, no-store
timing-allow-origin: *
location: https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCNDklLoGEgUI6AcQAEIASgA
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT

GET

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=b2FwdjE2ZHI3RnNp&muidn=oapv16dr7Fsi&gdpr=0&gdpr_consent=
https://cm.mgid.com/google?muidn=oapv16dr7Fsi&gdpr=0&gdpr_consent=&google_ula={guid},5&google_gid=CAESEC_TtCj0gOCclFXU_IjVaHg&google_cver=1

0
0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cm.rtbsystem.com/mgid?c=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D
https://cm.mgid.com/m?cdsp=556372&c=f0a52311-0e9d-51e6-ae2a-fee3791a4600

43 B
509 B

72ms
72ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=556372&c=f0a52311-0e9d-51e6-ae2a-fee3791a4600

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e867217fabf6db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://cm.mgid.com/m?cdsp=556372&c=f0a52311-0e9d-51e6-ae2a-fee3791a4600
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZiUSDReEzFxwrAY6zppU5v6SE3DTXt4Ow4Xnuz2WiiSnJH2p2RgnkoyV8nFQMuQTVC2AmVV6L6uaC5CIWKwCHglEobAZi8i3x0efeeHY%2FIrDxEklRXNp66VTYt7ay3GTzSn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e867216c861336e-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37214&sent=11&recv=11&lost=0&retrans=0&sent_bytes=4154&recv_bytes=4573&delivery_rate=471&cwnd=12000&unsent_bytes=0&cid=cddd35ffb6fcc146&ts=234&x=1", cfHdrFlush;dur=0
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.mgid.com/m?cdsp=834104&c=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834104%26c%3D%24UID
https://cm.mgid.com/m?cdsp=834104&c=1500711789250769632

43 B
723 B

75ms
74ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=834104&c=1500711789250769632

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e8672188b606db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://cm.mgid.com/m?cdsp=834104&c=1500711789250769632
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.77; 38.132.118.77; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 16305729-731c-4917-955b-989bd120fe97
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 02:28:32 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834148%26c%3D%5BUID%5D
https://cm.mgid.com/m?cdsp=834148&c=540c95b9-0e11-40fe-b821-13753e9c6537

43 B
723 B

79ms
75ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=834148&c=540c95b9-0e11-40fe-b821-13753e9c6537

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e8672183b136db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-cache, no-store, private
location: https://cm.mgid.com/m?cdsp=834148&c=540c95b9-0e11-40fe-b821-13753e9c6537
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 26 Nov 2024 02:28:32 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-71
x-xss-protection: 0

GET
H2 200 sync
x.bidswitch.net/ 43 B
164 B 221ms
60ms Image
image/gif 35.211.202.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=303&user_id=oapv16dr7Fsi&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 130.202.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://idsync.rlcdn.com/712107.gif?partner_uid=oapv16dr7Fsi&
https://pippio.com/api/sync?pid=5324&it=1&iv=e2746ab8762c9de43f06b5859e3ec37cdca2da27a9bd79bc11a96374f3f2de75791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e2746ab8762c9de43f06b5859e3ec37cdca2da27a9bd79bc11a96374f3f2de75791426b5417dce21&rand=01725419
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e2746ab8762c9de43f06b5859e3ec37cdca2da27a9bd79bc11a96374f3f2de75791426b5417dce21&rand=01725419&expected_cookie=fce06dc9-6cc2-4bf9-bddc-f47b299806bf

0
141 B

164ms
123ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e2746ab8762c9de43f06b5859e3ec37cdca2da27a9bd79bc11a96374f3f2de75791426b5417dce21&rand=01725419&expected_cookie=fce06dc9-6cc2-4bf9-bddc-f47b299806bf
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0B1493716FA446D28E75300D37B745BD Ref B: MIAEDGE2308 Ref C: 2024-11-26T02:28:33Z
x-li-fabric: prod-lor1
x-li-uuid: AAYnx5sJCs2WYQf1p8lVWQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
location: /db_sync?pid=10339&puuid=e2746ab8762c9de43f06b5859e3ec37cdca2da27a9bd79bc11a96374f3f2de75791426b5417dce21&rand=01725419&expected_cookie=fce06dc9-6cc2-4bf9-bddc-f47b299806bf
x-msedge-ref: Ref A: 8C0D8FC2360A4F6E80F86BD84939F91B Ref B: MIAEDGE2308 Ref C: 2024-11-26T02:28:33Z
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: AAYnx5sGbEWUSuZK69Xr5Q==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=155&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834126%26c%3D%5Bsas_sync_pid%5D%26nwid%3D4577
https://cm.mgid.com/m?cdsp=834126&c=2245899362504471552&nwid=4577

43 B
556 B

74ms
74ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=834126&c=2245899362504471552&nwid=4577

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e86721b8f5f6db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-cache,no-store
location: https://cm.mgid.com/m?cdsp=834126&c=2245899362504471552&nwid=4577
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 02:28:32 GMT
pragma: no-cache

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=93f5ca43-afec-4a57-8008-46a66bf12883

43 B
541 B

79ms
78ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=665953&c=93f5ca43-afec-4a57-8008-46a66bf12883

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e8672195c576db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

access-control-allow-origin: *
location: https://cm.mgid.com/m?cdsp=665953&c=93f5ca43-afec-4a57-8008-46a66bf12883
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: text/plain

GET
H2

200

cookie
cm.adform.net/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4758%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43e...
https://prebid.a-mo.net/cchain/1/4758?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=1b8efe92-5857-43eb-8e21-ed14914cfb97&bidder=sovrn&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=Jup...
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F4758%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92...

35 B
475 B

601ms
151ms

Image
image/gif

37.157.2.230
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F4758%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43eb-8e21-ed14914cfb97%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 37.157.2.230 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: max-age=0, private, must-revalidate
location: https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F4758%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D1b8efe92-5857-43eb-8e21-ed14914cfb97%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT
x-envoy-upstream-service-time: 3
vary: accept-encoding
server: envoy

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID
https://cm.mgid.com/m?cdsp=709070&c=Jup0ALZH0Gb3m-OAT4md179-

43 B
540 B

76ms
74ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=709070&c=Jup0ALZH0Gb3m-OAT4md179-

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e8672199ca36db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=709070&c=Jup0ALZH0Gb3m-OAT4md179-
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type

GET
H3

400

m
cm.mgid.com/
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https://cm.mgid.com/m?cdsp=834139&c=[PDID]
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https://cm.mgid.com/m?cdsp=834139&c=[PDID]&rd=1
https://cm.mgid.com/m?cdsp=834139

11 B
438 B

110ms
107ms

Image
text/plain

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=834139

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cf-cache-status: DYNAMIC
cf-ray: 8e86721d2a086db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 11
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: text/plain; charset=utf-8
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=834139
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.30
server: nginx

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://visitor-mgid.omnitagjs.com/visitor/bsync?uid=98ca793505bd269c5f409678d39eb6e5&name=mgid&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834135%26c%3D%5BBUYER_ID%5D
https://cm.mgid.com/m?cdsp=834135&c=96f838ba2c3f425b1aea8ee79a929607

43 B
556 B

92ms
91ms

Image
image/gif

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=834135&c=96f838ba2c3f425b1aea8ee79a929607

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8e86721b5f2e6db0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://cm.mgid.com/m?cdsp=834135&c=96f838ba2c3f425b1aea8ee79a929607
x-kong-request-id: c9dead406a4c716ec23045514f723e5e
pragma: no-cache
x-content-type-options: nosniff
via: kong/3.6.1
expires: 0
x-kong-upstream-latency: 3
x-kong-proxy-latency: 0
content-length: 0
p3p: CP="CAO PSA OUR"
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding

GET
H3 200 top-logo.png
beforeitsnews.com/img/v3/ 2 KB
0 2ms
2ms Image
image/png 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/img/v3/top-logo.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca601ccb4b804e78f547d0451200b8cf3f9ac3a88b11ff0fff17b1432226915

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
cf-cache-status: HIT
etag: "5fe55cb2-8ab"
age: 1690194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdXRdb3t89XErP0hiGkTjSL%2B8tG8ccJDy%2Bnf0%2B0rrroswZ5m3QmttNCoZG0Skx988CjLALZek1CsOrvdL91%2FdMMFZox0qLyaPrBmCdm4pfz0OJk5u7NYoK7Cm7KxIukdZYV0Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
expires: Tue, 14 Oct 2025 18:41:58 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44927&sent=45&recv=30&lost=0&retrans=0&sent_bytes=33749&recv_bytes=9213&delivery_rate=273405&cwnd=16800&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=514&x=1", cfHdrFlush;dur=25
date: Tue, 26 Nov 2024 02:28:29 GMT
content-type: image/png
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672049a9a44db-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2219
server: cloudflare

GET
H3 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame DFF2 509 KB
148 KB 134ms
67ms Script
text/javascript 23.44.136.174
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.44.136.174 Piscataway, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-44-136-174.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: e801aa0bbbdeb0b7892830207a049f160989e2198a17fc17560dc6c8a892b051

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=wNKT6Q==, md5=56zPQYXFx9N4KIn9qztBmA==
etag: "e7accf4185c5c7d3782889fdab3b4198"
x-goog-stored-content-encoding: gzip
expires: Tue, 26 Nov 2024 02:43:32 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length: 152023
date: Tue, 26 Nov 2024 02:28:32 GMT
last-modified: Mon, 25 Nov 2024 11:34:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7PoChqNd0gq-hFRW1VlMDl1nh_I4kZ-eNE4U6IaYRnuCQvh43Sn8jtWVKIyItBykhX5o9yD-oTvA
cache-control: public, no-transform, max-age=900
x-goog-storage-class: MULTI_REGIONAL
quic-version: 0x00000001
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732534474347554
content-length: 152023
server: UploadServer

GET
DATA 200
OK truncated
/ 325 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 49 KB
7 KB 247ms
81ms XHR
application/json 172.240.45.81
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=desktop&AV_CUSTOM1=oapv16dr7Fsi&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1625435&AV_CDIM5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&AV_CDIM6=17&AV_CDIM9=%7C350320&AV_CDIM10=%7C350320&AV_CDIM11=%7C350320&AV_CDIM12=%7C350320&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbeforeitsnews.com%2F&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=66476b6442315e17210826fc&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=beforeitsnews.com&AV_DADPOS=1&AV_GPID=%2F5ac2203f073ef46a6856c7b0%2F66476b6442315e17210826fc%2Fbeforeitsnews.com&d36=6.3.15&responsive=1&sver=5&avtoken=112494&omv=1.0.1&clsid=ba58b540-be7a-4bb0-9bc0-dd17a4997ed7&rando=46&rando1=72&rando2=25&scnt=1&AV_WIDTH=501&AV_HEIGHT=281&AV_DNT=0&cb=1732588112498&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.240.45.81 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: c88fd9eda3b85df0dda6b8a580628f347cf64d9fe76900302616e03df0c5bc79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 1728000
content-encoding: gzip
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
critical-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
expires: Thu, 14 Nov 2024 12:41:52 GMT
alt-svc: h3=":443";ma=60;
date: Tue, 26 Nov 2024 02:28:32 GMT
x-bamboo-c-s: BYPASS
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
x-bamboo-c-skst: 1
cache-control: no-cache
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-skfe: 1
access-control-allow-credentials: true
access-control-allow-origin: https://beforeitsnews.com

GET
H2 200 track
track1.aniview.com/ 0
168 B 65ms
57ms Image
text/plain 172.240.45.75
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=beforeitsnews.com&sn=&cd1=desktop&cd2=0&cd3=outstream&cd4=1625435&cd5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&cd6=17&cd9=%7C350320&cd10=%7C350320&cd11=%7C350320&cd12=%7C350320&ic=0&tgt=0&app=&wi=501&he=281&test=&d36=6.3.15&apppkg=&fv=1&proto=https&clsid=ba58b540-be7a-4bb0-9bc0-dd17a4997ed7&rando=46&rando1=72&rando2=25&scnt=1&pid=5ac2203f073ef46a6856c7b0&cid=66476b6442315e17210826fc&stagid=&stplid=&e=inventory&vi=100&plt=4&cb=1732588112497
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443";ma=60;
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT

GET
H3 200 /
c.mgid.com/vs/ 43 B
201 B 80ms
79ms Image
image/gif 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/vs/?iid=1625435&e=adinventory&h=null&o={%22timeOffset%22%3A0%2C%22muidn%22%3A%22oapv16dr7Fsi%22%2C%22playerEngine%22%3A%22aniview%22%2C%22adPlayer%22%3A0%2C%22uuid%22%3A%2220bdf5b0-ab9e-11ef-80df-c84bd6836428%22%2C%22subId%22%3A0%2C%22sticky%22%3A1%2C%22viewable%22%3A100%2C%22tt%22%3A%22Direct%22}&t=0&c=1238&scua=&scub=&scu=&scufvl=&scum=%253F0&scumd=&scup=&scupv=&scufv=&scuw=%253F0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e86721749796db0-MIA
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: image/gif
server: cloudflare

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
455 B 581ms
156ms Fetch
text/plain 162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://beforeitsnews.com
p3p: CP="CAO PSA OUR"
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: text/plain;charset=utf-8
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
289 B 580ms
157ms Fetch
application/json 162.19.138.116
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

11321c13ec847c653435ce51d860e608aec302056d9bc2cbdcafaed221a90599

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://beforeitsnews.com
date: Tue, 26 Nov 2024 02:28:32 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

usync.html
eus.rubiconproject.com/ Frame 4A19
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

0
0

67ms
67ms

Document
text/html

23.195.94.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-94-138.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 02:28:32 GMT
etag: "2052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET
H2

200

cookiesyncendpoint
sync.aniview.com/ Frame 94D6
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1732588112697-172027211197-000826-013-005183...
https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=22&key=93f5ca43-afec-4a57-8008-46a66bf12883

0
0

79ms
52ms

Document
text/plain

172.240.45.96
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=22&key=93f5ca43-afec-4a57-8008-46a66bf12883
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 0
date: Tue, 26 Nov 2024 02:28:33 GMT
server: istio-envoy
x-envoy-upstream-service-time: 1

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Tue, 26 Nov 2024 02:28:33 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=22&key=93f5ca43-afec-4a57-8008-46a66bf12883
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1AB5 0
0 74ms
61ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1732588112697-172027211197-000826-013-005183%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=26420
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Tue, 26 Nov 2024 02:28:32 GMT
expires: Tue, 26 Nov 2024 09:48:52 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint
sync.aniview.com/ Frame 68A4
Redirect Chain

https://creativecdn.com/cm-notify?pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---

0
0

71ms
57ms

Document
text/plain

172.240.45.96
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 0
date: Tue, 26 Nov 2024 02:28:33 GMT
server: istio-envoy
x-envoy-upstream-service-time: 2

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 26 Nov 2024 02:28:33 GMT Tue, 26 Nov 2024 02:28:33 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
pragma: no-cache
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint
sync.aniview.com/ Frame CB83
Redirect Chain

https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1732588112697-172027211197-000826-013-005183%26biddername%3D18%26k...
https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=18&key=Jup0ALZH0Gb3m-OAT4md179-

0
0

304ms
58ms

Document
text/plain

172.240.45.96
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=18&key=Jup0ALZH0Gb3m-OAT4md179-
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 0
date: Tue, 26 Nov 2024 02:28:33 GMT
server: istio-envoy
x-envoy-upstream-service-time: 1

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1732588112697-172027211197-000826-013-005183&biddername=18&key=Jup0ALZH0Gb3m-OAT4md179-
vary: Accept-Encoding

GET
H2 200 /
onetag-sys.com/usync/ Frame BEF6 0
0 94ms
83ms Document
text/html 51.222.239.230
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H3 200 avpb9.16.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame DFF2 380 KB
118 KB 64ms
62ms Script
text/javascript 23.44.136.174
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.44.136.174 Piscataway, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-44-136-174.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 31b1a345723d3c3ac3eb9e1fa04dbda1819663c656820edbc7bb4b6af2b2ac88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=yj0pow==, md5=cbQuAt8ezdPmZNJW3/jLrw==
etag: "71b42e02df1ecdd3e664d256dff8cbaf"
x-goog-stored-content-encoding: gzip
expires: Tue, 26 Nov 2024 02:43:32 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length: 120827
date: Tue, 26 Nov 2024 02:28:32 GMT
last-modified: Mon, 25 Nov 2024 11:34:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5tF2MsoPK8e0dSLJyjzfTgXrl9bQRkUoylA19ySFcRvtKmYsf3OpmLvMXQFVquAgibCnK6n6ejgg
cache-control: public, no-transform, max-age=900
x-goog-storage-class: MULTI_REGIONAL
quic-version: 0x00000001
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732534474668985
content-length: 120827
server: UploadServer

GET
H3 200 avpb9.16.0a2.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame DFF2 69 KB
20 KB 91ms
89ms Script
text/javascript 23.44.136.174
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0a2.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.44.136.174 Piscataway, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-44-136-174.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: e7c95e2a4b8a672a5c71a2dc342170639196ff39a4b71ef8de77cac184bfa486

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=kTmtQQ==, md5=zKM0m3wthIkq2wDfVYrlfw==
etag: "cca3349b7c2d84892adb00df558ae57f"
x-goog-stored-content-encoding: gzip
expires: Tue, 26 Nov 2024 02:43:32 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length: 20905
date: Tue, 26 Nov 2024 02:28:32 GMT
last-modified: Mon, 25 Nov 2024 11:34:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7ajD-LXHwatR76AEL60HlYZZe-0Dpeo9JaQ91Eg7FCgSa3_f12xTQ0ajY5xYBut27x7MfhdXL6pQ
cache-control: public, no-transform, max-age=900
x-goog-storage-class: MULTI_REGIONAL
quic-version: 0x00000001
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732534474603032
content-length: 20905
server: UploadServer

POST
H2 204 s2s Show response
s2s.aniview.com/api/adserver/ 0
799 B 837ms
574ms Fetch 172.240.45.70
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=1cf76924625050270ee9efe33b2f3bcc&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1732588112697-172027211197-000826-013-005183&tgt=0&AV_CDIM1=desktop&AV_CUSTOM1=oapv16dr7Fsi&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1625435&AV_CDIM5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&AV_CDIM6=17&AV_CDIM9=%7C350320&AV_CDIM10=%7C350320&AV_CDIM11=%7C350320&AV_CDIM12=%7C350320&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbeforeitsnews.com%2F&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=66476b6442315e17210826fc&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=beforeitsnews.com&AV_DADPOS=1&AV_GPID=%2F5ac2203f073ef46a6856c7b0%2F66476b6442315e17210826fc%2Fbeforeitsnews.com&d36=6.3.15&responsive=1&sver=5&avtoken=112494&omv=1.0.1&clsid=ba58b540-be7a-4bb0-9bc0-dd17a4997ed7&rando=46&rando1=72&rando2=25&scnt=1&AV_WIDTH=501&AV_HEIGHT=281&AV_DNT=0&cb=2588112771&wfc=1&&AV_VI=100&AV_VID=0&d4=1&d5=0&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&AV_IRISID=&AV_IRISIDCTX=&ms2s=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.240.45.70 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://beforeitsnews.com/

Response headers

x-bamboo-c-skst: 1
access-control-max-age: 1728000
cache-control: no-cache
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-skfe: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
critical-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
expires: Thu, 14 Nov 2024 12:41:53 GMT
access-control-allow-origin: https://beforeitsnews.com
alt-svc: h3=":443";ma=60;
date: Tue, 26 Nov 2024 02:28:33 GMT
x-bamboo-c-s: BYPASS
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With

GET
H2 200 track
track1.aniview.com/ 0
168 B 73ms
58ms Image
text/plain 172.240.45.75
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?avh=03112b9898601180f1298f060ae39468adb321f34d7a460e2a99f1e86a2bdc3891a77afcd43a3057544afb2267bf64c018310e15688152d452db6b22e8886d11a0bacb777e89ab6d087557ee2384e873a8bfe4338323d82e90d8f588260736052b22ab0739cf82ea15387129c1b9e16d&r=beforeitsnews.com&rs=beforeitsnews.com&sid=9518&t=1732588112&sn=&tgt=0&osv=&bv=131.0&brn=Chrome&wi=501&he=281&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&d64=1cf76924625050270ee9efe33b2f3bcc&d63=1cf76924625050270ee9efe33b2f3bcc&aafaid=&proto=https&uid=1732588112697-172027211197-000826-013-005183&stagid=&stplid=&d35=&d36=6.3.15&cb=31473111588001&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&d94=87bf8fd&apppkg=&cd6=17&cd9=%7C350320&cd10=%7C350320&cd11=%7C350320&cd12=%7C350320&cd1=desktop&cd2=0&cd3=outstream&cd4=1625435&cd5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&d9=0000&d22=5ac2203f073ef46a6856c7b0&d24=66476b6442315e17210826fc&d37=realtime&d65=_GlobalConfig&AV_WIDTH=501&AV_HEIGHT=281&nid=5ac2203f073ef46a6856c7b0&ncid=66476b6442315e17210826fc&e=request&cb=1732588112779&plt=4&asid=64c8fcd96d2e8d8627042234%2C64c901fa4a204b99d70d5496&ofpr=0.5%2C1&fpo=%2C&d95=%2C&rcd=%2C&ri=1%2C1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443";ma=60;
content-length: 0
date: Tue, 26 Nov 2024 02:28:32 GMT

GET
H2 200 topics_frame.html
pa.openx.net/ Frame 0D5E 0
0 123ms
38ms Document
text/html 34.36.214.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.openx.net/topics_frame.html?bidder=openx
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.214.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-length: 1036
content-type: text/html; charset=utf-8
date: Tue, 26 Nov 2024 02:18:56 GMT
etag: "c5379e35e267deacc52e06ed0f5fa81f"
last-modified: Mon, 22 Jan 2024 14:38:43 GMT
server: UploadServer
supports-loading-mode: fenced-frame
vary: Origin
x-allow-fledge: true
x-goog-generation: 1705934323795552
x-goog-hash: crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1036
x-guploader-uploadid: AFiumC5GqmaxrcyvhPc3J6qvKIKAecu5FWMEINsZYzof09yDJzal3nWBcsktRGXyBpFopxHVp5BIdC2OxA

POST
H2 200 pb Show response
ad.360yield.com/1944/ Frame DFF2 855 B
1 KB 181ms
167ms Fetch
application/json 54.198.143.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1944/pb
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.198.143.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-143-18.compute-1.amazonaws.com
Software: /
Resource Hash: a4c0655262433650e89faec568137b29aedb326140e4da8f23bf50a2bb25c420

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: https://beforeitsnews.com
content-length: 855
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true

POST
H2 200 pb Show response
ad.360yield.com/1944/ Frame DFF2 864 B
1 KB 132ms
120ms Fetch
application/json 54.198.143.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1944/pb
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.198.143.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-143-18.compute-1.amazonaws.com
Software: /
Resource Hash: fbfef3ab353d3d8b622bb0cc5f8f58dadc158af911f6c3875dd32c20dab03f1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: https://beforeitsnews.com
content-length: 864
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true

POST
H2 200 v3 Show response
id5-sync.com/gm/ 2 KB
2 KB 155ms
153ms XHR
application/json 162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

23dfaaf57b75ef87315be3e9433c3f4490f26e8d30bb6f01eca4a6a1985048ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://beforeitsnews.com
p3p: CP="CAO PSA OUR"
date: Tue, 26 Nov 2024 02:28:33 GMT
content-type: application/json
vary: Origin

GET
H2

200

9.gif
id5-sync.com/c/231/108/0/
Redirect Chain

https://id5-sync.com/i/231/8.gif?o=api&id5id=ID5*JYTKmRqyOa9fKUlOF7ZRBxmO5wsnsnEXW4wM_lCyit7cozvvj9KFrhLmbcAJnpuq&gdpr_consent=undefined&gdpr=false
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ea54WlfGAh_MtuNXU66qWWsYpmdXjrobafNTEFd1cw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F231%2F124%2F7%2F2.gif%3Fpuid%3...
https://id5-sync.com/cq/231/124/7/2.gif?puid=93f5ca43-afec-4a57-8008-46a66bf12883&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://id5-sync.com/k/155.gif?puid=AAFt907OimUAABaXZBUGEg&id5AccountNum=155&numCascadesAllowed=9
https://ib.adnxs.com/getuid?https://id5-sync.com/c/231/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/231/2/5/4.gif?puid=8391688946624495119&gdpr=0&gdpr_consent=
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F796%2F4%2F5.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
https://id5-sync.com/c/231/796/4/5.gif?puid=5907ecb9-5a4f-4f7a-9ba5-c291d31f4678&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F441%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/231/441/3/6.gif?puid=u_4be40cfc-7c1b-47b0-8375-d58a07b00c99&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F434%2F2%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/231/434/2/7.gif?puid=540c95b9-0e11-40fe-b821-13753e9c6537&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=0c0c5e41-daa5-4c18-a64a-06059b5de795&ttl=%%TTL%%
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/231/108/0/9.gif?puid=e8e56291-e341-4713-96d2-485ad3f05657&gdpr=0&gdpr_consent=

43 B
1 KB

151ms
151ms

Image
image/gif

162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/231/108/0/9.gif?puid=e8e56291-e341-4713-96d2-485ad3f05657&gdpr=0&gdpr_consent=

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Tue, 26 Nov 2024 02:28:35 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

strict-transport-security: max-age=31536000
location: https://id5-sync.com/c/231/108/0/9.gif?puid=e8e56291-e341-4713-96d2-485ad3f05657&gdpr=0&gdpr_consent=
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Tue, 26 Nov 2024 02:28:36 GMT
server: Jetty(11.0.13)

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame DFF2 424 KB
145 KB 222ms
89ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 02:28:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148132
date: Tue, 26 Nov 2024 02:28:33 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=OTNmNWNhNDMtYWZlYy00YTU3LTgwMDgtNDZhNjZiZjEyODgz&dsp_callback=0
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEBjwx7lLbSf85hGXMv7CHRo&google_cver=1

43 B
505 B

172ms
170ms

Image
image/gif

54.198.143.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEBjwx7lLbSf85hGXMv7CHRo&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 54.198.143.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-143-18.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 26 Nov 2024 02:28:34 GMT
content-type: image/gif

Redirect headers

cache-control: no-cache, must-revalidate
location: https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEBjwx7lLbSf85hGXMv7CHRo&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 332
date: Tue, 26 Nov 2024 02:28:34 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

match
match.360yield.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=k_XKQ6_sSleACEama_Eogw&google_cm&dsp_callback=0&publisher_dsp_id=340
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBcizSjMPhlZ2GlsVpuBhRA&google_cver=1

43 B
505 B

135ms
133ms

Image
image/gif

54.198.143.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBcizSjMPhlZ2GlsVpuBhRA&google_cver=1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 54.198.143.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-143-18.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 26 Nov 2024 02:28:34 GMT
content-type: image/gif

Redirect headers

cache-control: no-cache, must-revalidate
location: https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBcizSjMPhlZ2GlsVpuBhRA&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 330
date: Tue, 26 Nov 2024 02:28:34 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

match
na-ice.360yield.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://na-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40
https://na-ice.360yield.com/match?dsp_callback=0&external_user_id=8391688946624495119&publisher_dsp_id=40

43 B
497 B

304ms
174ms

Image
image/gif

107.22.72.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na-ice.360yield.com/match?dsp_callback=0&external_user_id=8391688946624495119&publisher_dsp_id=40
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Server: 107.22.72.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-72-237.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 26 Nov 2024 02:28:34 GMT
content-type: image/gif

Redirect headers

cache-control: no-store, no-cache, private
location: https://na-ice.360yield.com/match?dsp_callback=0&external_user_id=8391688946624495119&publisher_dsp_id=40
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.77; 38.132.118.77; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: cd48dce1-48bb-49f8-b550-72ccbca610a1
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 02:28:34 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 sync
x.bidswitch.net/ 43 B
92 B 80ms
62ms Image
image/gif 35.211.202.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=93f5ca43-afec-4a57-8008-46a66bf12883&publisher_dsp_id=191&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/match
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 130.202.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000
content-length: 43
date: Tue, 26 Nov 2024 02:28:34 GMT
content-type: image/gif

GET
H2

200

9.gif
id5-sync.com/c/231/108/0/
Redirect Chain

https://id5-sync.com/match?publisher_user_id=93f5ca43-afec-4a57-8008-46a66bf12883&publisher_dsp_id=313&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/match
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://id5-sync.com/k/155.gif?puid=AAFt907OimUAABaXZBUGEg&id5AccountNum=155&numCascadesAllowed=9
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F203%2F5%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/231/203/5/4.gif?puid=ce0aa8b1-5335-422c-8006-a3027d41349c&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/231/429/4/5.gif?puid=B7128D15-F2CE-4044-9242-19350E4E558C&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/231/434/3/6.gif?puid=540c95b9-0e11-40fe-b821-13753e9c6537&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F441%2F2%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/231/441/2/7.gif?puid=u_4be40cfc-7c1b-47b0-8375-d58a07b00c99&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=0c0c5e41-daa5-4c18-a64a-06059b5de795&ttl=%%TTL%%
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/231/108/0/9.gif?puid=e8e56291-e341-4713-96d2-485ad3f05657&gdpr=0&gdpr_consent=

43 B
1 KB

216ms
150ms

Image
image/gif

162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/231/108/0/9.gif?puid=e8e56291-e341-4713-96d2-485ad3f05657&gdpr=0&gdpr_consent=

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Tue, 26 Nov 2024 02:28:36 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

strict-transport-security: max-age=31536000
location: https://id5-sync.com/c/231/108/0/9.gif?puid=e8e56291-e341-4713-96d2-485ad3f05657&gdpr=0&gdpr_consent=
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Tue, 26 Nov 2024 02:28:36 GMT
server: Jetty(11.0.13)

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 873 B
227 B 201ms
78ms XHR
application/json 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fbeforeitsnews.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

cee395dd266b9aca9f8aaa4bd63c9ad9e79ac1a5f5a12992e32d6563ebd33c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 02:28:34 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 202
date: Tue, 26 Nov 2024 02:28:34 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 7EE8 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame DFF2 44 KB
17 KB 211ms
80ms Script
text/javascript 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 02:28:34 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Tue, 26 Nov 2024 02:28:34 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame F54F 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 127C 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame C4D0 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame C7B2 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EB11 45 KB
15 KB 63ms
60ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F38E 45 KB
0 63ms
63ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 690E 45 KB
0 64ms
64ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AE45 45 KB
0 66ms
66ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 216D 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

POST
H2 200 track
track1.aniview.com/ Frame DFF2 0
171 B 64ms
62ms Ping
text/plain 172.240.45.75
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?avh=03112b9898601180f1298f060ae39468adb321f34d7a460e2a99f1e86a2bdc3891a77afcd43a3057544afb2267bf64c018310e15688152d452db6b22e8886d11a0bacb777e89ab6d087557ee2384e873a8bfe4338323d82e90d8f588260736052b22ab0739cf82ea15387129c1b9e16d&r=beforeitsnews.com&rs=beforeitsnews.com&sid=9518&t=1732588112&sn=&tgt=0&osv=&bv=131.0&brn=Chrome&wi=501&he=281&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&d64=1cf76924625050270ee9efe33b2f3bcc&d63=1cf76924625050270ee9efe33b2f3bcc&aafaid=&proto=https&uid=1732588112697-172027211197-000826-013-005183&stagid=&stplid=&d35=&d36=6.3.15&cb=31473111588001&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&d94=87bf8fd&apppkg=&cd6=17&cd9=%7C350320&cd10=%7C350320&cd11=%7C350320&cd12=%7C350320&cd1=desktop&cd2=0&cd3=outstream&cd4=1625435&cd5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&d9=0000&d22=5ac2203f073ef46a6856c7b0&d24=66476b6442315e17210826fc&d37=realtime&d65=_GlobalConfig&AV_WIDTH=501&AV_HEIGHT=281
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
alt-svc: h3=":443";ma=60;
date: Tue, 26 Nov 2024 02:28:35 GMT

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame F904 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 99C2 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 7158 0
0 1ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F9C8 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 7867 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9081 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 2B70 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A7CB 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame EF57 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9037 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 9E41 0
0 3ms
2ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0ADA 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

POST
H2 200 track
track1.aniview.com/ Frame DFF2 0
171 B 62ms
60ms Ping
text/plain 172.240.45.75
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?avh=03112b9898601180f1298f060ae39468adb321f34d7a460e2a99f1e86a2bdc3891a77afcd43a3057544afb2267bf64c018310e15688152d452db6b22e8886d11a0bacb777e89ab6d087557ee2384e873a8bfe4338323d82e90d8f588260736052b22ab0739cf82ea15387129c1b9e16d&r=beforeitsnews.com&rs=beforeitsnews.com&sid=9518&t=1732588112&sn=&tgt=0&osv=&bv=131.0&brn=Chrome&wi=501&he=281&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&d64=1cf76924625050270ee9efe33b2f3bcc&d63=1cf76924625050270ee9efe33b2f3bcc&aafaid=&proto=https&uid=1732588112697-172027211197-000826-013-005183&stagid=&stplid=&d35=&d36=6.3.15&cb=31473111588001&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&d94=87bf8fd&apppkg=&cd6=17&cd9=%7C350320&cd10=%7C350320&cd11=%7C350320&cd12=%7C350320&cd1=desktop&cd2=0&cd3=outstream&cd4=1625435&cd5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&d9=0000&d22=5ac2203f073ef46a6856c7b0&d24=66476b6442315e17210826fc&d37=realtime&d65=_GlobalConfig&AV_WIDTH=501&AV_HEIGHT=281
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
alt-svc: h3=":443";ma=60;
date: Tue, 26 Nov 2024 02:28:36 GMT

GET
H2 200 track
track1.aniview.com/ 0
168 B 59ms
58ms Image
text/plain 172.240.45.75
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?avh=03112b9898601180f1298f060ae39468adb321f34d7a460e2a99f1e86a2bdc3891a77afcd43a3057544afb2267bf64c018310e15688152d452db6b22e8886d11a0bacb777e89ab6d087557ee2384e873a8bfe4338323d82e90d8f588260736052b22ab0739cf82ea15387129c1b9e16d&r=beforeitsnews.com&rs=beforeitsnews.com&sid=9518&t=1732588112&sn=&tgt=0&osv=&bv=131.0&brn=Chrome&wi=501&he=281&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&d64=1cf76924625050270ee9efe33b2f3bcc&d63=1cf76924625050270ee9efe33b2f3bcc&aafaid=&proto=https&uid=1732588112697-172027211197-000826-013-005183&stagid=&stplid=&d35=&d36=6.3.15&cb=31473111588001&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&d94=87bf8fd&apppkg=&cd6=17&cd9=%7C350320&cd10=%7C350320&cd11=%7C350320&cd12=%7C350320&cd1=desktop&cd2=0&cd3=outstream&cd4=1625435&cd5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&d9=0000&d22=5ac2203f073ef46a6856c7b0&d24=66476b6442315e17210826fc&d37=realtime&d65=_GlobalConfig&AV_WIDTH=501&AV_HEIGHT=281&nid=5ac2203f073ef46a6856c7b0&ncid=66476b6442315e17210826fc&e=request&cb=1732588116474&plt=4&asid=64c8fcd96d2e8d8627042234%2C64c901fa4a204b99d70d5496%2C64c9025aee0388845e050468&ofpr=0.5%2C1%2C1.5&fpo=%2C%2C&d95=%2C%2C&rcd=%2C%2C&ri=%2C%2C1
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443";ma=60;
content-length: 0
date: Tue, 26 Nov 2024 02:28:36 GMT

POST
H2 200 pb Show response
ad.360yield.com/1944/ Frame DFF2 972 B
1 KB 185ms
183ms Fetch
application/json 54.198.143.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1944/pb
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.198.143.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-143-18.compute-1.amazonaws.com
Software: /
Resource Hash: ede265f40080da12e38ffdffdac5cdb3d84ec442d71ba6aebed87041e91da029

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: https://beforeitsnews.com
content-length: 972
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 26 Nov 2024 02:28:36 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true

POST
H2 200 pb Show response
ad.360yield.com/1944/ Frame DFF2 1 KB
662 B 130ms
128ms Fetch
application/json 54.198.143.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1944/pb
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.198.143.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-143-18.compute-1.amazonaws.com
Software: /
Resource Hash: b7af15f4551d17f4689fda3b91709a7ebc48cb2a5b57a90441d94205877a9c83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: https://beforeitsnews.com
content-encoding: gzip
content-length: 428
date: Tue, 26 Nov 2024 02:28:36 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true

POST
H2 200 pb Show response
ad.360yield.com/1944/ Frame DFF2 1 KB
548 B 138ms
138ms Fetch
application/json 54.198.143.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1944/pb
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.198.143.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-143-18.compute-1.amazonaws.com
Software: /
Resource Hash: 69514861aa04653157a8017a3df741d1c38bd6172953af777e59b163f0541894

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://beforeitsnews.com/

Response headers

access-control-allow-origin: https://beforeitsnews.com
content-encoding: gzip
content-length: 314
date: Tue, 26 Nov 2024 02:28:36 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame F374 0
0 1ms
1ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E7A7 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 9BF6 0
0 2ms
1ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D54C 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 5F14 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 78AD 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame F560 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4B02 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 5E5E 0
0 4ms
4ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 23236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 20:01:15 GMT
expires: Tue, 25 Nov 2025 20:01:15 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 48B3 45 KB
0 69ms
69ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 597
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 03:18:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:18:37 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

POST track
track1.aniview.com/ Frame DFF2 0
0

GET
H3 200 /
c.mgid.com/vs/ 43 B
400 B 74ms
73ms Image
image/gif 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/vs/?iid=1625435&e=error&h=null&o={%22timeOffset%22%3A0%2C%22muidn%22%3A%22oapv16dr7Fsi%22%2C%22playerEngine%22%3A%22aniview%22%2C%22adPlayer%22%3A0%2C%22uuid%22%3A%2220bdf5b0-ab9e-11ef-80df-c84bd6836428%22%2C%22subId%22%3A0%2C%22sticky%22%3A1%2C%22viewable%22%3A100%2C%22errorMessage%22%3A%22null%22%2C%22tt%22%3A%22Direct%22}&t=0&c=35779&scua=&scub=&scu=&scufvl=&scum=%253F0&scumd=&scup=&scupv=&scufv=&scuw=%253F0

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e8672368f856db0-MIA
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 02:28:37 GMT
content-type: image/gif
server: cloudflare

GET
H2 200 track
track1.aniview.com/ 0
168 B 60ms
59ms Image
text/plain 172.240.45.75
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=beforeitsnews.com&sn=&cd1=desktop&cd2=0&cd3=outstream&cd4=1625435&cd5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&cd6=17&cd9=%7C350320&cd10=%7C350320&cd11=%7C350320&cd12=%7C350320&ic=0&tgt=0&app=&wi=501&he=281&test=&d36=6.3.15&apppkg=&fv=1&proto=https&clsid=ba58b540-be7a-4bb0-9bc0-dd17a4997ed7&rando=46&rando1=72&rando2=25&scnt=1&pid=5ac2203f073ef46a6856c7b0&cid=66476b6442315e17210826fc&stagid=&stplid=&e=AV_M8&prbdres=errorlimit&cb=1732588117505
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443";ma=60;
content-length: 0
date: Tue, 26 Nov 2024 02:28:37 GMT

GET
H3 200 favicon.ico
beforeitsnews.com/ 9 KB
7 KB 62ms
61ms Other
image/x-icon 172.67.141.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e43d3f009fc3b6e90c13de5655bd02699517b4b32c82ed8c5489db819846718

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

access-control-max-age: 3628800
content-encoding: zstd
cf-cache-status: HIT
etag: W/"5fe55cb2-25be"
age: 4055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5xh43Hz%2FtIBkrCeS7mXhMZkMY8P032Blt%2BtXHnBBBm2Y4YuRTbllPtJW52%2B1uzMvWjT9gehcGFLimQALu9MLtfOeNAGVz1LpRXql910U7czylXs%2F1ayYYP84qxK1Fq8vn7pmA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46737&sent=1018&recv=219&lost=0&retrans=0&sent_bytes=1128957&recv_bytes=47496&delivery_rate=14470&cwnd=379200&unsent_bytes=0&cid=06d3d04f7a27dd8c&ts=11035&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 02:28:40 GMT
content-type: image/x-icon
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8672467d0344db-ATL
access-control-allow-origin: *
server: cloudflare

POST log
translate.googleapis.com/element/ 0
0

OPTIONS log
translate.googleapis.com/element/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: beforeitsnews.com
URL: blob:https://beforeitsnews.com/2d97cc7c-703b-46bb-9d26-664b2091688d

Domain: beforeitsnews.com
URL: blob:https://beforeitsnews.com/ec8db3ee-3257-4ed0-9478-95c8c3cbccc4

Domain: beforeitsnews.com
URL: blob:https://beforeitsnews.com/d2fcac2c-3274-49fe-b679-01ff6351489e

Domain: beforeitsnews.com
URL: blob:https://beforeitsnews.com/507bf8df-5668-4cda-b558-b21a38018a30

Domain: beforeitsnews.com
URL: blob:https://beforeitsnews.com/1600291e-a3d1-470b-8baf-eb86b3b8998c

Domain: beforeitsnews.com
URL: blob:https://beforeitsnews.com/76703d70-1d4d-44b9-87b5-3fbfa1d1dc87

Domain: beforeitsnews.com
URL: blob:https://beforeitsnews.com/1f38c1de-ccd6-425b-a831-84a3febc28f5

Domain: beforeitsnews.com
URL: blob:https://beforeitsnews.com/645ce717-dada-4892-8915-1deb1eb0d0c4

Domain: cm.mgid.com
URL: https://cm.mgid.com/google?muidn=oapv16dr7Fsi&gdpr=0&gdpr_consent=&google_ula={guid},5&google_gid=CAESEC_TtCj0gOCclFXU_IjVaHg&google_cver=1

Domain: track1.aniview.com
URL: https://track1.aniview.com/track?avh=03112b9898601180f1298f060ae39468adb321f34d7a460e2a99f1e86a2bdc3891a77afcd43a3057544afb2267bf64c018310e15688152d452db6b22e8886d11a0bacb777e89ab6d087557ee2384e873a8bfe4338323d82e90d8f588260736052b22ab0739cf82ea15387129c1b9e16d&r=beforeitsnews.com&rs=beforeitsnews.com&sid=9518&t=1732588112&sn=&tgt=0&osv=&bv=131.0&brn=Chrome&wi=501&he=281&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&d64=1cf76924625050270ee9efe33b2f3bcc&d63=1cf76924625050270ee9efe33b2f3bcc&aafaid=&proto=https&uid=1732588112697-172027211197-000826-013-005183&stagid=&stplid=&d35=&d36=6.3.15&cb=31473111588001&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&d94=87bf8fd&apppkg=&cd6=17&cd9=%7C350320&cd10=%7C350320&cd11=%7C350320&cd12=%7C350320&cd1=desktop&cd2=0&cd3=outstream&cd4=1625435&cd5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&d9=0000&d22=5ac2203f073ef46a6856c7b0&d24=66476b6442315e17210826fc&d37=realtime&d65=_GlobalConfig&AV_WIDTH=501&AV_HEIGHT=281

Domain: track1.aniview.com
URL: https://track1.aniview.com/track?avh=03112b9898601180f1298f060ae39468adb321f34d7a460e2a99f1e86a2bdc3891a77afcd43a3057544afb2267bf64c018310e15688152d452db6b22e8886d11a0bacb777e89ab6d087557ee2384e873a8bfe4338323d82e90d8f588260736052b22ab0739cf82ea15387129c1b9e16d&r=beforeitsnews.com&rs=beforeitsnews.com&sid=9518&t=1732588112&sn=&tgt=0&osv=&bv=131.0&brn=Chrome&wi=501&he=281&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&d64=1cf76924625050270ee9efe33b2f3bcc&d63=1cf76924625050270ee9efe33b2f3bcc&aafaid=&proto=https&uid=1732588112697-172027211197-000826-013-005183&stagid=&stplid=&d35=&d36=6.3.15&cb=31473111588001&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&d94=87bf8fd&apppkg=&cd6=17&cd9=%7C350320&cd10=%7C350320&cd11=%7C350320&cd12=%7C350320&cd1=desktop&cd2=0&cd3=outstream&cd4=1625435&cd5=20bdf5b0-ab9e-11ef-80df-c84bd6836428&d9=0000&d22=5ac2203f073ef46a6856c7b0&d24=66476b6442315e17210826fc&d37=realtime&d65=_GlobalConfig&AV_WIDTH=501&AV_HEIGHT=281

Domain: translate.googleapis.com
URL: https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Domain: translate.googleapis.com
URL: https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

313 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

207 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smartadserver.com/api	1970-01-21 03:26:04	Name: pid Value: 2245899362504471552
m.beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s2
beforeitsnews.com/	1970-01-21 10:52:28	Name: b4in-uuid Value: 3d7260b9-f55a-4178-8d6d-e649aa95262a
.onesignal.com/	1970-01-21 01:16:29	Name: __cf_bm Value: djgNDyniMNticxNDcYmu1dV7sXdJOOBOlinyolkSryk-1732588110-1.0.1.1-4TCDuNXVNFEwmJ0U3xX9E1DQ675FXLxkZavegdS1QqwjDiFZPi1Z9y_Pfe8tT1fh1uICQQ_dSMOFbtRwuVIIcA
.beforeitsnews.com/	1970-01-21 10:02:04	Name: cf_clearance Value: K5UBpm7NXCz1EZHduA2xIaSA58ylRq6dK0cRoNUP2.o-1732588110-1.2.1.1-k15WSOzQHZ3O0l3fGkZejxyGDI5RCCVwyDA5JTLyH2AXSCSAAXQsMUzcL2jqrdLzbAuLsYZYZGdI33emCkjPRgyAF8gc9IxWQEh8benm1Aww2XQSfPFkbWCDrvkfSstfDUS2crQw8SLouPTLALllutnONxgbyypYeGeQtKw_b1B5hN6GRMZEbQD_I4_FAdHcsyDUNk3Lfg4MCKFNHtWQnslu5GkbGxMxZTYyt1hVf2tFGTvrC3PEkTL.EkN6LLyfLgnCLE7tdOv4vlsvHJziyyoKYMAyzHPIlJnOof8yBYo7UWTra4hfZBMFAz0LFaCcEHY8xvDq63X02UwWwLjhqgQ0xYTh_6.bLn_GHA4gXK1.2n8G0LYo3srWE_F.zxbu
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: hKdKBe1Ix_I
.youtube.com/	1970-01-21 05:35:40	Name: VISITOR_INFO1_LIVE Value: Ka7PCsZ2nWo
.youtube.com/	1970-01-21 05:35:40	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgOg%3D%3D
.beforeitsnews.com/	1970-01-21 10:52:28	Name: _ga Value: GA1.2.1212335341.1732588111
.beforeitsnews.com/	1970-01-21 01:17:54	Name: _gid Value: GA1.2.849976291.1732588111
.beforeitsnews.com/	1970-01-21 01:16:28	Name: _gat_UA-16055024-1 Value: 1
.beforeitsnews.com/	1970-01-21 10:52:28	Name: _ga_X6HC1RQLPR Value: GS1.2.1732588111.1.1.1732588111.60.0.0
.mgid.com/	1970-01-21 10:02:04	Name: muidn Value: oapv16dr7Fsi
beforeitsnews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C720413%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221732588111768%22%7D%2C%22C351459%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221732588111789%22%7D%2C%22C720415%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221732588111770%22%7D%2C%22C1625435%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221732588111787%22%7D%7D
usync.ingage.tech/	1970-01-21 03:26:04	Name: instUid Value: 106174bd-1ab5-44cf-8bfb-000-60ef2f2d
.idealmedia.io/	1970-01-21 10:02:04	Name: muidn Value: oapv16dr7Fsi
cm.idealmedia.io/	1970-01-21 01:59:40	Name: mg_sync Value: {"433147":1732588112}
.33across.com/	1970-01-21 10:02:04	Name: 33x_ps Value: u%3D212894866633705%3As1%3D1732588112219%3Ats%3D1732588112219
.pubmatic.com/	1970-01-21 10:02:04	Name: KADUSERCOOKIE Value: B7128D15-F2CE-4044-9242-19350E4E558C
.ingage.tech/	1970-01-21 03:26:04	Name: instUid Value: 106174bd-1ab5-44cf-8bfb-000-60ef2f2d
.ingage.tech/	1970-01-21 03:26:04	Name: cookieRegion Value: wdc
.admanmedia.com/	1970-01-21 01:36:36	Name: admtr Value: e2232524-8ac5-4049-bda1-3c22518ae450
.admanmedia.com/	1970-01-21 01:36:36	Name: ac_r Value: CS77
.ingage.tech/	1970-01-21 01:16:29	Name: __cf_bm Value: w59eLDYGt8bYcQvC.p.jbsDg0M8n3jrCAVBsKxzuICk-1732588112-1.0.1.1-0I67J4zvlfT8PZDP0YuRezrSd1ZMt9GaS4p7X1PiwK92GVpRF7ZwEqwaetQJYSMRyPr.vO2p3OnZ8dexgaUYEQ
.eyeota.net/	1970-01-21 10:02:04	Name: mako_uid Value: 193664c89ca-795b0000010a5638
.eyeota.net/	1970-01-21 01:16:28	Name: SERVERID Value: 22072~DM
.zemanta.com/	1970-01-21 10:02:04	Name: zuid Value: T5RMmQDb5HqyAoiYvEdL
.doubleclick.net/	1970-01-21 10:52:28	Name: IDE Value: AHWqTUnNRKAxjKAEQrhLFFiGZJ2DtM6CIE_WUZwTiWyLSeNDqXJc_SDseA5QftSAysY
.lijit.com/	1970-01-21 10:02:04	Name: ljt_reader Value: Jup0ALZH0Gb3m-OAT4md179-
.casalemedia.com/	1970-01-21 10:02:04	Name: CMID Value: Z0UyUNHM41QAACZbAaT8.QAA
.casalemedia.com/	1970-01-21 03:26:04	Name: CMPS Value: 632
.casalemedia.com/	1970-01-21 03:26:04	Name: CMPRO Value: 632
.360yield.com/	1970-01-21 03:26:04	Name: tuuid Value: 93f5ca43-afec-4a57-8008-46a66bf12883
.360yield.com/	1970-01-21 03:26:04	Name: tuuid_lu Value: 1732588112
.mfadsrvr.com/	1970-01-21 10:02:04	Name: tuuid Value: 8b67b9cb-2762-43ab-a72b-b1c5fcac187f
.mfadsrvr.com/	1970-01-21 10:02:04	Name: c Value: 1732588112
.mfadsrvr.com/	1970-01-21 10:02:04	Name: tuuid_lu Value: 1732588112
.tynt.com/	1970-01-21 10:02:04	Name: uid Value: 6iLoIGdFMlDf04cqOVcNPQ==
.creativecdn.com/	1970-01-21 10:02:04	Name: g Value: k3vY5eHjMZq2nQrGJ4Uf_1732588112419
.creativecdn.com/	1970-01-21 10:02:04	Name: ts Value: 1732588112
.yellowblue.io/	1970-01-21 01:59:40	Name: wrvUserID Value: dDdQcEx2NDlral9z
.adnxs.com/	1970-01-21 10:52:28	Name: receive-cookie-deprecation Value: 1
.a-mo.net/	1970-01-21 01:17:54	Name: _sv3_0 Value: 1
.a-mo.net/	1970-01-21 10:02:04	Name: amuid2 Value: 1b8efe92-5857-43eb-8e21-ed14914cfb97
.a-mo.net/	1970-01-21 10:02:04	Name: pamuid2 Value: 1b8efe92-5857-43eb-8e21-ed14914cfb97
.prebid.a-mo.net/	1970-01-21 10:02:04	Name: psd_amuid2 Value: 1b8efe92-5857-43eb-8e21-ed14914cfb97
.prebid.a-mo.net/	1970-01-21 10:02:04	Name: sd_amuid2 Value: 1b8efe92-5857-43eb-8e21-ed14914cfb97
.ingage.tech/	1970-01-21 10:02:04	Name: cf_clearance Value: ohSv02C7FrwlENxPDrP5JYhphgkJuDWhV0O.YG4h9eQ-1732588112-1.2.1.1-WN2lLs6yQHJEaJFccPxeEQsz01.I.fq4x5jAYqntBzZkL10Yh9Oo7PGQ6V3iMnl55wVXuOspMXNvw55.I0Nll197ocyVp3WgBda0Mc.AsR2LPGk217FHOakTc0xOKmugzO2hkFHSlZVCqZ66pZ74SDg9eYa81u39Y4IPCUdrmnnp9068P1OtXq60HRyt0l5feRnLcmdYrdPBr9Bhvcc35JT4BW.bEh8zd2p9Znff0yGZ50b77b6MDJWkDIXX_lnpfy5aPBrk50A5WDTTbtnxJXtZ4X2zZuuDio5AF0bZCEJtyUrO.V4SrUjHmDpBY4CBw8qnxVrQswN04tWZclltbzc.0yAlmjhSz7EAqC6zDHrcpqR2Cly8.V4NUmmnh1EZ3fmGoHVfoDR9.n58vPXD5g
.tynt.com/	1970-01-21 03:26:04	Name: pids Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1732588112547%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1732588112547%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1732588112547%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1732588112547%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1732588112547%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1732588112547%7D%5D
.sharethrough.com/	1970-01-21 01:59:40	Name: stx_user_id Value: be29ad66-fbf7-477a-9679-a9099b9b78dd
.rtbsystem.com/	1970-01-21 10:02:04	Name: ut-0 Value: f0a52311-0e9d-51e6-ae2a-fee3791a4600
.rtbsystem.com/	1970-01-21 10:02:04	Name: ut-28 Value: 5451864975736
.rtbsystem.com/	1970-01-21 10:02:04	Name: ut-15 Value: 92921A8BF19423049996B6565BA606597CD0AD94F5CA04611726F25EFBB94F33
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_80 Value: 22987-CAESEIkk6wNK8kwRKFPhbcdvrTg&KRTB&16514-CAESEIkk6wNK8kwRKFPhbcdvrTg&KRTB&23025-CAESEIkk6wNK8kwRKFPhbcdvrTg&KRTB&23386-CAESEIkk6wNK8kwRKFPhbcdvrTg
.go.sonobi.com/	1970-01-21 10:02:04	Name: __uis Value: 540c95b9-0e11-40fe-b821-13753e9c6537
.brand-display.com/	1970-01-21 10:52:28	Name: _knxq_ Value: f5c3bfe5-2956-a87d-9dc23e6d.1732588112.0.1732588112.1732588112
.adentifi.com/	1970-01-21 10:52:28	Name: adtheorent[cuid] Value: cuid_218017c2-ab9e-11ef-b261-123fb0542741
.adsrvr.org/	1970-01-21 10:02:04	Name: TDID Value: 0c0c5e41-daa5-4c18-a64a-06059b5de795
.a-mo.net/	1970-01-21 01:17:54	Name: _sv3_3 Value: 1
.deepintent.com/	1970-01-21 10:52:28	Name: CDIUSER Value: di_bf33884544744962a8d00
.aniview.com/	1970-01-21 01:45:16	Name: aniC Value: 1732588112697-172027211197-000826-013-005183
.adnxs.com/	1970-01-21 03:26:04	Name: XANDR_PANID Value: V_rqIgSzf1GZkj0sQQzCU1h9EBoduNWqygD5v8Oz5MhIfFAqYDSFFB4o1LBXgS1towx9fnJKFBScLB4Aqf_UHV_4KTx3qGvu0zv6_nr3vUw.
.adnxs.com/	1970-01-21 03:26:04	Name: uuid2 Value: 8391688946624495119
.pippio.com/	1970-01-21 10:02:04	Name: did Value: 5-K4xAr7g72lvwtn
.pippio.com/	1970-01-21 10:02:04	Name: didts Value: 1732588112
.pippio.com/	1970-01-21 02:42:52	Name: nnls Value:
.pippio.com/	1970-01-21 02:42:52	Name: pxrc Value: CNDklLoGEgYIgr0rEAA=
.a-mo.net/	1970-01-21 01:17:54	Name: _sv3_14 Value: 1
.amazon-adsystem.com/	1970-01-21 06:28:56	Name: ad-id Value: A8OoafuWxETlvslOi9DhkMY
.amazon-adsystem.com/	1970-01-21 10:52:28	Name: ad-privacy Value: 0
.krushmedia.com/	1970-01-21 01:36:37	Name: krm_usr Value: 7001753f-dcba-5d80-9690-30e05eddea33
.krushmedia.com/	1970-01-21 01:36:37	Name: krm_r Value: 615
.deepintent.com/	1970-01-21 10:52:28	Name: CDIPARTNERS Value: %7B%221%22%3A%2220241126%22%2C%22141%22%3A%2220241126%22%7D
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_1251 Value: 23269-di_bf33884544744962a8d00&KRTB&23571-di_bf33884544744962a8d00
.mxptint.net/	1970-01-21 10:52:28	Name: mxpim Value: R33647_11F943C82_D2B32E6C.1.000000000000000067453250
.sitescout.com/	1970-01-21 10:02:04	Name: ssi Value: 125a969a-a76f-4bdd-9546-2b49158774b1#1732588113123
.simpli.fi/	1970-01-21 10:03:30	Name: suid Value: C91D81798E854468A84E48472842B349
.a-mo.net/	1970-01-21 01:17:54	Name: _sv3_8 Value: 1
.omnitagjs.com/	1970-01-21 01:59:40	Name: ayl_visitor Value: 96f838ba2c3f425b1aea8ee79a929607
.mfadsrvr.com/	1970-01-21 10:02:04	Name: ssh Value: !bidswitch=1732588113!mgid=1732588112
.adform.net/	1970-01-21 01:59:40	Name: C Value: 1
.rlcdn.com/	1970-01-21 10:02:04	Name: rlas3 Value: 2fL8NSlsZCNPV9Yy/WNX9sGcz3iK7BY45MgoDceZ3/U=
.rlcdn.com/	1970-01-21 02:42:52	Name: pxrc Value: CNDklLoGEgUI6AcQABIFCOhHEAASBgi46wEQAQ==
.tribalfusion.com/	1970-01-21 03:26:04	Name: ANON_ID Value: awnoeUyOZbSUoJTyHtYmVsSmrBURDUEcqAm71cxk6
.linkedin.com/	1970-01-21 03:26:04	Name: li_sugr Value: fce06dc9-6cc2-4bf9-bddc-f47b299806bf
.linkedin.com/	1970-01-21 10:02:04	Name: bcookie Value: "v=2&6f685b61-5322-45c7-8cfb-3ad1ef69228d"
.linkedin.com/	1970-01-21 01:17:54	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=3049:u=1:x=1:i=1732588113:t=1732674513:v=2:sig=AQHi5wfp1l-OCY9qukHg_340AMSc-0bJ"
.aniview.com/	1970-01-21 01:30:52	Name: 1_C_18 Value: Jup0ALZH0Gb3m-OAT4md179-
sync.aniview.com/	1970-01-21 01:30:52	Name: 1_C_18 Value: Jup0ALZH0Gb3m-OAT4md179-
.adgrx.com/	1970-01-21 10:45:16	Name: ADGRX_UID Value: 21c9792e-ab9e-11ef-b7c9-d3f337483448
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_964 Value: 20918-cuid_218017c2-ab9e-11ef-b261-123fb0542741&KRTB&23354-cuid_218017c2-ab9e-11ef-b261-123fb0542741&KRTB&23415-cuid_218017c2-ab9e-11ef-b261-123fb0542741&KRTB&23422-cuid_218017c2-ab9e-11ef-b261-123fb0542741
.pubmatic.com/	1970-01-21 01:59:40	Name: KRTBCOOKIE_52 Value: 22772-R33647_11F943C82_D2B32E6C&KRTB&23092-R33647_11F943C82_D2B32E6C
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_377 Value: 6810-0c0c5e41-daa5-4c18-a64a-06059b5de795&KRTB&22918-0c0c5e41-daa5-4c18-a64a-06059b5de795&KRTB&22926-0c0c5e41-daa5-4c18-a64a-06059b5de795&KRTB&23031-0c0c5e41-daa5-4c18-a64a-06059b5de795
.pubmatic.com/	1970-01-21 01:59:40	Name: KRTBCOOKIE_148 Value: 19421-uid:C91D81798E854468A84E48472842B349&KRTB&23486-uid:C91D81798E854468A84E48472842B349&KRTB&23489-uid:C91D81798E854468A84E48472842B349&KRTB&23539-uid:C91D81798E854468A84E48472842B349
.quantserve.com/	1970-01-21 10:46:42	Name: mc Value: 67453251-2c9ca-a3f60-b9fce
.quantserve.com/	1970-01-21 03:26:04	Name: sp Value: CggIiQ0SAxD-DQ==
.sitescout.com/	1970-01-21 01:59:40	Name: _ssuma Value: eyI0NSI6MTczMjU4ODExMzE4N30
.rfihub.com/	1970-01-21 10:38:04	Name: rud Value: H4sIAAAAAAAA_-MSsjS3MDe1sDQwMbEwMTAzNbAwFOIz1DUvKwyPLA72yXZNKwEALGGuMCQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjS3MDe1sDQwMbEwMTAzNbAwFOIz1DUvKwyPLA72yXZNKwEALGGuMCQAAAA
.rfihub.com/	1970-01-21 10:38:04	Name: eud Value: H4sIAAAAAAAA_9vEyGtobmxkamFhaGhsaGEMAPCfMjoQAAAA
.mathtag.com/	1970-01-21 10:42:23	Name: uuid Value: 8a276745-3251-4000-b199-4f46a4cad70f
.a-mx.com/	1970-01-21 10:02:04	Name: amdt_t Value: p::1732588113180
.a-mx.com/	1970-01-21 10:02:04	Name: amuid2 Value: 1b8efe92-5857-43eb-8e21-ed14914cfb97
.semasio.net/	1970-01-21 10:02:04	Name: SEUNCY Value: 7A93BE24B0DE7700
.yahoo.com/	1970-01-21 10:02:25	Name: A3 Value: d=AQABBFEyRWcCEDrmq9VK7lcW4zq6fR3j8rUFEgEBAQGDRmdPZwAAAAAA_eMAAA&S=AQAAAn0hBFB_zshmdXWHT_tQu2E
.bidr.io/	1970-01-21 10:44:58	Name: bito Value: AAFt907OimUAABaXZBUGEg
.bidr.io/	1970-01-21 10:44:58	Name: bitoIsSecure Value: ok
.ipredictive.com/	1970-01-21 10:02:04	Name: cu Value: 5907ecb9-5a4f-4f7a-9ba5-c291d31f4678\|1732588113210
sync.srv.stackadapt.com/	1970-01-21 10:02:04	Name: sa-user-id Value: s%3A0-210cd39d-5d33-517d-6db4-dc516199c28c.qs%2FQ7Y5S%2B6oESoFbNdXGN3IdcTFE8QR4rlv4yEbR82A
.srv.stackadapt.com/	1970-01-21 10:02:04	Name: sa-user-id Value: s%3A0-210cd39d-5d33-517d-6db4-dc516199c28c.qs%2FQ7Y5S%2B6oESoFbNdXGN3IdcTFE8QR4rlv4yEbR82A
sync.srv.stackadapt.com/	1970-01-21 10:02:04	Name: sa-user-id-v2 Value: s%3AIQzTnV0zUX1ttNxRYZnCjCaEdk0.OUaQ%2BKs2qpn4u3QJ5oVwh0vldQQnJaJJ6pcAkAE%2ByZM
.srv.stackadapt.com/	1970-01-21 10:02:04	Name: sa-user-id-v2 Value: s%3AIQzTnV0zUX1ttNxRYZnCjCaEdk0.OUaQ%2BKs2qpn4u3QJ5oVwh0vldQQnJaJJ6pcAkAE%2ByZM
sync.srv.stackadapt.com/	1970-01-21 10:02:04	Name: sa-user-id-v3 Value: s%3AAQAKINs5fA_N9ZazmHCppWCJXnHta0A5oSbX6bDrSDnxLdeTEGcYBCDR5JS6BjABOgSAOSS3QgSbx6J1.5OR1P77K%2F2NC2ip%2FEuFc9zL9qXrr94ZRzoLf8SdaHdU
.srv.stackadapt.com/	1970-01-21 10:02:04	Name: sa-user-id-v3 Value: s%3AAQAKINs5fA_N9ZazmHCppWCJXnHta0A5oSbX6bDrSDnxLdeTEGcYBCDR5JS6BjABOgSAOSS3QgSbx6J1.5OR1P77K%2F2NC2ip%2FEuFc9zL9qXrr94ZRzoLf8SdaHdU
.w55c.net/	1970-01-21 10:45:16	Name: wfivefivec Value: pxSwIu521TfLjz5
.dotomi.com/	1970-01-21 01:16:28	Name: DotomiTest Value: 4e27f45cd956107e
.richaudience.com/	1970-01-21 01:59:40	Name: pdid Value: b2f3fcdf-c970-420a-8bbf-1zz1732588113
.adx.opera.com/	1970-01-21 10:02:04	Name: UID Value: OPU937bae95779f4a1a865eed4e7fe56543
.onaudience.com/	1970-01-21 10:02:04	Name: cookie Value: 10caf7be21ecfa6c
.onaudience.com/	1970-01-21 01:17:54	Name: done_redirects252 Value: 1
.adgrx.com/	1970-01-21 01:17:54	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.aniview.com/	1970-01-21 01:30:52	Name: 1_C_22 Value: 93f5ca43-afec-4a57-8008-46a66bf12883
sync.aniview.com/	1970-01-21 01:30:52	Name: 1_C_22 Value: 93f5ca43-afec-4a57-8008-46a66bf12883
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_153 Value: 19420-Z9kUfmLcFXp83ENyMo8NKmKIFnt8jBktMosh6Huw&KRTB&22979-Z9kUfmLcFXp83ENyMo8NKmKIFnt8jBktMosh6Huw&KRTB&23462-Z9kUfmLcFXp83ENyMo8NKmKIFnt8jBktMosh6Huw
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_18 Value: 22947-978758904484065081&KRTB&23628-978758904484065081
.pubmatic.com/	1970-01-21 01:59:40	Name: KRTBCOOKIE_279 Value: 22890-5907ecb9-5a4f-4f7a-9ba5-c291d31f4678&KRTB&23011-5907ecb9-5a4f-4f7a-9ba5-c291d31f4678&KRTB&23355-5907ecb9-5a4f-4f7a-9ba5-c291d31f4678
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_188 Value: 3189-125a969a-a76f-4bdd-9546-2b49158774b1-67453251-5553&KRTB&23418-125a969a-a76f-4bdd-9546-2b49158774b1-67453251-5553&KRTB&23634-125a969a-a76f-4bdd-9546-2b49158774b1-67453251-5553
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_27 Value: 16735-uid:8a276745-3251-4000-b199-4f46a4cad70f
.aniview.com/	1970-01-21 01:30:52	Name: 1_C_216 Value: gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ
sync.aniview.com/	1970-01-21 01:30:52	Name: 1_C_216 Value: gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_1278 Value: 23329-a4713339-907e-486b-9d42-729ed98889a0&KRTB&23340-a4713339-907e-486b-9d42-729ed98889a0&KRTB&23498-a4713339-907e-486b-9d42-729ed98889a0
.w55c.net/	1970-01-21 01:59:40	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_860 Value: 16335-IQzTnV0zUX1ttNxRYZnCjCaEdk0&KRTB&23334-IQzTnV0zUX1ttNxRYZnCjCaEdk0&KRTB&23417-IQzTnV0zUX1ttNxRYZnCjCaEdk0&KRTB&23426-IQzTnV0zUX1ttNxRYZnCjCaEdk0
.a-mo.net/	1970-01-21 01:17:54	Name: _sv3_2 Value: 1
.pubmatic.com/	1970-01-21 01:36:37	Name: KRTBCOOKIE_1323 Value: 23480-OPU937bae95779f4a1a865eed4e7fe56543&KRTB&23485-OPU937bae95779f4a1a865eed4e7fe56543&KRTB&23524-OPU937bae95779f4a1a865eed4e7fe56543&KRTB&23575-OPU937bae95779f4a1a865eed4e7fe56543
.pubmatic.com/	1970-01-21 01:59:40	Name: KRTBCOOKIE_391 Value: 22924-1967416308125913490&KRTB&23231-1967416308125913490&KRTB&23263-1967416308125913490&KRTB&23481-1967416308125913490
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_32 Value: 11175-AQAE2vrPBlf-egJOe_7aAQEBAQEBAQCSZ02MjQEBAJJnTYyN&KRTB&22715-AQAE2vrPBlf-egJOe_7aAQEBAQEBAQCSZ02MjQEBAJJnTYyN&KRTB&23519-AQAE2vrPBlf-egJOe_7aAQEBAQEBAQCSZ02MjQEBAJJnTYyN&KRTB&23632-AQAE2vrPBlf-egJOe_7aAQEBAQEBAQCSZ02MjQEBAJJnTYyN
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_1003 Value: 22761-21c9792e-ab9e-11ef-b7c9-d3f337483448&KRTB&23275-21c9792e-ab9e-11ef-b7c9-d3f337483448
beacon.lynx.cognitivlabs.com/	1970-01-21 10:02:04	Name: UID Value: 8343121a-6f24-47d8-bb52-93e814a16636
beacon.lynx.cognitivlabs.com/	1970-01-21 10:02:04	Name: ss Value: f9WmaF5CFNS412bl5jlrSauNE6BkbK5mppkdWJhEqS8503rYGN7hvLig6d0vrKhsdK8oeaVWJUWqHCVWznId3Q%3D%3D
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_107 Value: 1471-uid:pxSwIu521TfLjz5&KRTB&23421-uid:pxSwIu521TfLjz5
.pubmatic.com/	1970-01-21 01:59:40	Name: KRTBCOOKIE_632 Value: 23041-gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&KRTB&23047-gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&KRTB&23234-gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ&KRTB&23361-gJSj-qtNxawJ-NVKgGmQ_tZG_r83go2Q8W9rdivv1WQ
.rubiconproject.com/	1970-01-21 03:26:04	Name: receive-cookie-deprecation Value: 1
.turn.com/	1970-01-21 05:35:40	Name: uid Value: 8526313697806343102
.aniview.com/	1970-01-21 01:30:52	Name: 1_C_5 Value: M3XU885Q-O-HK2H
sync.aniview.com/	1970-01-21 01:30:52	Name: 1_C_5 Value: M3XU885Q-O-HK2H
.pubmatic.com/	1970-01-21 01:59:40	Name: KRTBCOOKIE_22 Value: 14911-8526313697806343102&KRTB&23150-8526313697806343102&KRTB&23527-8526313697806343102&KRTB&23629-8526313697806343102
.a-mo.net/	1970-01-21 01:17:54	Name: _sv3_4 Value: 1
.analytics.yahoo.com/	1970-01-21 10:02:04	Name: IDSYNC Value: "18z8~2m1e:199z~2m1e"
.smartadserver.com/	1970-01-21 03:26:04	Name: pid Value: 5125273591253496912
.smartadserver.com/	1970-01-21 10:45:16	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 03:26:04	Name: csync Value: 127:AAFt907OimUAABaXZBUGEg
.rubiconproject.com/	1970-01-21 10:02:04	Name: audit_p Value: 1\|n2OHmjjhoxSXWe3+gVFGU6USkHi/oPJhj8DotdgQuqc8fCYmOTvXgz2tOWbo+YwajhT0vQ95GGBS8G+dhi1GhVEzNmZkqoUp
.rubiconproject.com/	1970-01-21 10:02:04	Name: khaos Value: M3XU8841-U-781P
.rubiconproject.com/	1970-01-21 10:02:04	Name: khaos_p Value: M3XU8841-U-781P
.rubiconproject.com/	1970-01-21 10:02:04	Name: audit Value: 1\|n2OHmjjhoxSXWe3+gVFGU6USkHi/oPJhj8DotdgQuqc8fCYmOTvXgz2tOWbo+YwajhT0vQ95GGBS8G+dhi1GhVEzNmZkqoUp
.adform.net/	1970-01-21 02:42:52	Name: uid Value: 4531962607664601979
.lijit.com/	1970-01-21 10:02:04	Name: _ljtrtb_80 Value: M3XU885Q-O-HK2H
cm.mgid.com/	1970-01-21 01:59:40	Name: mg_sync Value: {"265689":1732588112,"363887":1732588112,"43070":1732588113,"433146":1732588112,"556372":1732588112,"675043":1732588112,"709070":1732588112,"709071":1732588112,"720798":1732588112,"834104":1732588112,"834124":1732588112,"834126":1732588113,"834139":1732588113}
.onaudience.com/	1970-01-21 01:17:54	Name: done_redirects282 Value: 1
.tapad.com/	1970-01-21 02:42:52	Name: TapAd_TS Value: 1732588113842
.tapad.com/	1970-01-21 02:42:52	Name: TapAd_DID Value: e8e56291-e341-4713-96d2-485ad3f05657
.primis.tech/	1970-01-21 01:52:28	Name: csuuid Value: 67453251e11b9
.contextweb.com/	1970-01-21 09:54:52	Name: V Value: bCJx3xfHw0sL
.contextweb.com/	1970-01-21 09:54:52	Name: VP Value: part_bCJx3xfHw0sL
.contextweb.com/	1970-01-21 10:02:04	Name: pb_rtb_ev Value: 3-1uz9\|7dN.0.AAFt907OimUAABaXZBUGEg
.contextweb.com/	1970-01-21 10:02:04	Name: pb_rtb_ev_part Value: 3-1uz9\|7dN.0.AAFt907OimUAABaXZBUGEg
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 8475374043adf6cb
.id5-sync.com/	1970-01-21 03:26:04	Name: id5 Value: 9db0a1fe-1c3a-7eb1-89b5-d6b4a01f7a64#1732588113168#4
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_699 Value: 22727-AAFt907OimUAABaXZBUGEg&KRTB&23649-AAFt907OimUAABaXZBUGEg
.adsby.bidtheatre.com/	1970-01-21 01:26:32	Name: __kuid Value: 220823cb-26e4-4ab6-a01e-a152928b5b27.501802114
.intentiq.com/	1970-01-21 10:52:28	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 10:52:28	Name: intentIQ Value: 2GRRqMVveX
.intentiq.com/	1970-01-21 10:52:28	Name: CSDT Value: UEQ6MTUxMDZfMCZVVkNGOXRr
.intentiq.com/	1970-01-21 10:52:28	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 10:52:28	Name: IQPData Value: 646215245#1732588114314#0#1732588114314
.intentiq.com/	1970-01-21 10:52:28	Name: intentIQCDate Value: 1732588114315
.360yield.com/	1970-01-21 03:26:04	Name: um Value: !40,Q3SZeWozK5z4s0Oja5f9pVML3XLEs7JKs6C.zAT6pGHp,1740364114!489,IPXy2c0bPIoMtH9RiatdZKJjaURkGXE1CFQ,1740364112
.360yield.com/	1970-01-21 03:26:04	Name: umeh Value: !40,0,1794796114,-1!489,0,1794796112,-1
.criteo.com/	1970-01-21 10:38:04	Name: uid Value: ce0aa8b1-5335-422c-8006-a3027d41349c
.gumgum.com/	1970-01-21 10:02:04	Name: vst Value: u_4be40cfc-7c1b-47b0-8375-d58a07b00c99
.pubmatic.com/	1970-01-21 03:26:04	Name: SyncRTB4 Value: 1733443200%3A63%7C1733788800%3A96_238_46_55_166_13_99_71_48_3_267_178_104_220_56_22_21_266_264_233_176_81_249_214_271_231_5_7_234_201_54_240_165_8_250%7C1733184000%3A15_2_223%7C1733875200%3A268_35%7C1733011200%3A216%7C1737763200%3A69%7C1735171200%3A224
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8671\|Z0UyV
.pubmatic.com/	1970-01-21 03:26:04	Name: DPSync4 Value: 1732665600%3A248%7C1733184000%3A252_164_265%7C1733788800%3A219_226_228_197_245
.tapad.com/	1970-01-21 02:42:52	Name: TapAd_3WAY_SYNCS Value: 1!7946
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_594 Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.ads.pubmatic.com/	1970-01-21 01:17:54	Name: pubsyncexp Value: 1732609715978
.ctnsnet.com/	1970-01-21 10:02:04	Name: cid_98528d4be9074ae890848e20fa2c138f Value: 1
.pubmatic.com/	1970-01-21 01:17:54	Name: pi Value: 0:3
.pubmatic.com/	1970-01-21 03:26:04	Name: chkChromeAb67Sec Value: 9
.resetdigital.co/	1970-01-21 03:26:04	Name: ckbk Value: 0000016850D46C53
.agkn.com/	1970-01-21 10:02:04	Name: ab Value: 0001%3AazwAPt44ZJzsLQg2sHF8Z2Th4G%2BpnDlQ
.aniview.com/	1970-01-21 01:30:52	Name: 1_C_1 Value: B7128D15-F2CE-4044-9242-19350E4E558C
sync.aniview.com/	1970-01-21 01:30:52	Name: 1_C_1 Value: B7128D15-F2CE-4044-9242-19350E4E558C
.crwdcntrl.net/	1970-01-21 07:45:14	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 07:45:14	Name: _cc_id Value: e7bd45b90b6593893cfc9d7b02c9cb26
.pubmatic.com/	1970-01-21 03:26:04	Name: KRTBCOOKIE_1199 Value: 23168-0000016850D46C53&KRTB&23175-0000016850D46C53
.csync.loopme.me/	1970-01-21 03:28:56	Name: viewer_token Value: 5e79e952-e6c1-4bda-8c8b-36431241bf06
.adsrvr.org/	1970-01-21 10:02:04	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwj66Z3hgfPGPRAFEhYKB3J1Ymljb24SCwj2tvvlgfPGPRAFEhQKBXRhcGFkEgsIsuvN_YHzxj0QBRgBIAEoAjILCNCmva6Y88Y9EAU4AVoHOGg5dTExaGAC
.pubmatic.com/	1970-01-21 01:59:40	Name: KRTBCOOKIE_904 Value: 23554-JfMdTCDtCO6gCLu1VDJFZw&KRTB&23557-JfMdTCDtCO6gCLu1VDJFZw&KRTB&23586-JfMdTCDtCO6gCLu1VDJFZw
.pubmatic.com/	1970-01-21 01:59:40	Name: PugT Value: 1732588116
.id5-sync.com/	1970-01-21 03:26:04	Name: 3pi Value: 2#1732588114967#-97547351\|434#1732588115846#1992348245\|264#1732588116408#-29919417\|441#1732588116067#-755137196\|155#1732588114734#-292653503\|203#1732588115173#1211861939\|124#1732588114363#-1090609823\|796#1732588115351#-580156913\|108#1732588116679#467908018\|429#1732588115507#-1039822504
.mgid.com/	1970-01-21 01:16:29	Name: __cf_bm Value: VRCoz1RPnFm7hdICkoIvCz3I8OZIW1k1slDo3mRQXBw-1732588117-1.0.1.1-n_UN3nUV24qWOwCsOUUVL6auHrfG5Fte_wbbhuZjUTEpPYeqiWbY3GfAfY50eEtn3Pqh2vjQt33HGCKFyGiz9w
.pubmatic.com/	1970-01-21 01:59:40	Name: SPugT Value: 1732588117
.iqzone.com/	1970-01-21 01:36:37	Name: iq_u_key Value: 6d7234f8-3da7-4e34-99f0-961b68c9f069
.iqzone.com/	1970-01-21 01:36:37	Name: iq_r_key Value: 277

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://beforeitsnews.com/(Line 312) Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/916576/images/IMG_20241125_180345_(500_x_264_pixel).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/916576/images/IMG_20241125_180345_(500_x_264_pixel).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js(Line 1) Message: Unrecognized feature: 'web-share'.
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/imgpanda_premium_oxzV1Q.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/imgpanda_premium_dfqwWK.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/mike%20king%20(1)(2).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/dont-be-afraid-of-the-dark1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/dark-web.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/02n-trumpforweb-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/imgpanda_premium_eRgy73.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/ghost%20under%20moon%20california.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/418130/images/241117_WilliamBrooks_SealsTrumpetsBowlsl.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://theeconomiccollapseblog.com/wp-content/uploads/2024/11/300-x-250-Ad1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/monkey-man-with-handcuffs_1368-11770.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://beforeitsnews.com/contributor/upload/106013/images/0X22%20Report%20(3).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://beforeitsnews.com/ Message: Mixed Content: The page at 'https://beforeitsnews.com/' was loaded over HTTPS, but requested an insecure element 'http://m.beforeitsnews.com/contributor/upload/916576/images/IMG_20241125_180345_(500_x_264_pixel).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering	warning	URL: https://beforeitsnews.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C000021C390000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://beforeitsnews.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F04B121C390000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://beforeitsnews.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0204C121C390000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://beforeitsnews.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A000E9391C390000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://cm.mgid.com/m?cdsp=834139 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a-1791.com
a1.beforeitsnews.com
ad.360yield.com
ads.pubmatic.com
ajax.beforeitsnews.com
analytics.google.com
ap.lijit.com
b1sync.zemanta.com
beforeitsnews.com
c.mgid.com
cdn.id5-sync.com
cdn.mgid.com
cdn.onesignal.com
cdn2.customads.co
cl.imghosts.com
cm.adform.net
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cm.rtbsystem.com
creativecdn.com
cs.admanmedia.com
customads.co
de.tynt.com
dis.eu.criteo.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
hde.tynt.com
i.imgflip.com
i.ytimg.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.youtube.com
jsc.mgid.com
lb.eu-1-id5-sync.com
m.beforeitsnews.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
na-ice.360yield.com
nerangee.com
onesignal.com
onetag-sys.com
pa.openx.net
pagead2.googlesyndication.com
pippio.com
pixel.tapad.com
player.aniview.com
prebid.a-mo.net
ps.eyeota.net
px.ads.linkedin.com
rddywd.com
rtb-usw.mfadsrvr.com
rtb.gumgum.com
rumble.com
s-img.mgid.com
s0.2mdn.net
s2s.aniview.com
s3.tradingview.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum.casalemedia.com
static-3.bitchute.com
stats.g.doubleclick.net
sync.aniview.com
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
td.doubleclick.net
timothycharlesholmseth.com
track1.aniview.com
translate.google.com
translate.googleapis.com
usync.ingage.tech
video-native.mgid.com
visitor-mgid.omnitagjs.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.tradingview-widget.com
www.youtube.com
x.bidswitch.net
beforeitsnews.com
cm.mgid.com
track1.aniview.com
translate.googleapis.com
104.16.71.101
104.17.111.223
104.18.164.66
104.18.26.193
104.19.130.76
104.19.131.76
107.178.254.65
107.20.94.136
107.22.72.237
121.127.42.98
125.253.89.180
134.122.57.34
142.250.176.200
142.250.65.194
142.250.72.99
142.251.40.194
142.251.40.226
142.251.40.227
142.251.41.4
148.251.40.153
162.19.138.116
162.19.138.117
172.240.45.70
172.240.45.75
172.240.45.81
172.240.45.96
172.64.153.183
172.67.138.44
172.67.141.76
172.67.191.172
178.250.1.9
185.184.8.90
192.124.249.109
205.220.231.24
207.5.199.200
207.65.37.182
207.65.37.184
216.239.36.178
23.195.94.138
23.205.2.235
23.44.136.174
23.51.57.13
23.83.76.53
2400:52e0:1a00::941:1
2600:141b:1c00:30::1739:5a6f
2600:9000:2479:c600:18:9413:7780:93a1
2606:4700:10::ac43:266a
2606:4700:3030::6815:3f99
2606:4700:3034::ac43:8d4c
2606:4700::6812:1ad8
2607:f350:3:2569:0:10:0:c
2607:f8b0:4004:c06::9c
2607:f8b0:4006:806::200e
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2016
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2006
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2008
2607:f8b0:4006:824::200e
2620:1ec:21::14
2a02:6ea0:c454::1
2a03:90c0:9996::9996
3.222.253.102
34.111.113.62
34.200.2.144
34.36.214.49
35.190.30.115
35.211.202.130
35.212.212.222
35.244.154.8
35.245.40.102
37.157.2.230
44.196.77.126
50.16.11.35
50.16.216.198
51.222.239.230
52.223.40.198
54.198.143.18
54.224.234.232
64.202.112.95
67.202.105.24
67.202.105.34
68.67.160.114
8.28.7.81
8.28.7.82
8.28.7.83
80.77.87.163
01575905ac67e24013bcd19acc00f7671a845084870d568847360f3dc4a4fdae
019bc417ee2896bf035fd6ce6a0c927555d2d83cb56f25bb11ddc5549ace6f66
02100e72a94c97166a160feab0e6a8b7e8c3420f622e25e08f303d28a37a8b62
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
0a6fd2260a8310e8d7c7eef4d1d8958148c83b089a2d8fbe4114a39e4c3bd830
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b
0ed7133ff0e9270400c925d672bbae25c0d4af7df9a28dce8795ed31022ba597
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
11321c13ec847c653435ce51d860e608aec302056d9bc2cbdcafaed221a90599
186bcc05f5b870b7654a13f0263704082b3fbbce560aed44cdcb1b948cc1a081
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1e43d3f009fc3b6e90c13de5655bd02699517b4b32c82ed8c5489db819846718
21780069d1cee91747bc0305234c8d0209b20051fd5dd3dd81afac3184ae7de8
23dfaaf57b75ef87315be3e9433c3f4490f26e8d30bb6f01eca4a6a1985048ce
240aa53b9fa78467d57c2da5510d1412a2d2b3381dc5f418ef522eb705af705b
244e78367abd0c19f7f065ea29e6fb5433d63dda554f728d53daec8bea9aab43
24c081c957e05e485d630de709d6dc8def7a807c49ee010247a5224718d18fac
24e33e581a3352c9277f8ced01c7040dd558934a3c7d3f5d8e9ce3f1e01b6ca8
25a0be082d625832631400bfb4541a565d989ca1d86809c640412bfc9a224c83
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31b1a345723d3c3ac3eb9e1fa04dbda1819663c656820edbc7bb4b6af2b2ac88
32b45539cb50bea36f1261b75231ab26bd90bc25ce1c4733b01be2ed3aa785c4
32f068e51100198f6e72f2ec0bbb34e35044d485ee2dd1b5be2508035fcae251
3306aba68ef83063e3fe13461b1236b9d0d1e72fa0858238ebdd48313dc330d2
346d0ea3e86550adae9776f14e4e3fba945d8d7896b2de2909791c8c74a479ef
354d5352d22dea06f2e3cf1add1b456f8a1ca5b4d0a6b36ee859ac606d2c90eb
36aa52a9348b2a59c5145216004c98f64826bc554059f31f99b10ab289fa9944
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
406469a59292e52a233c636ae8e8d2ad8c60d69d7cc25b445e0a748870bbfe75
409acd596f57dab69119e634d7c2ac5fc7f6ca056a372631f1f24196ae8b7d4c
420d0d717f6749dbba330b6a933b9bc39046dc8015230657956d7b09d034323d
440292eb71e786da59d255d6ff27e9594fb838f1de59004822ab745d50521dc3
47d393c2a6b1494362d3c578e6bcac8235d4c43ac5f1cf0de81450206e298397
481798ea6ee2a7538ed4d90e252b7c96d343f58152171bf0e62ff9905b01b112
4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
501d928ee8a11d9b7973733c58e816acf0cde52e85802fce081cf732dd7223b9
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
563be17210008f81c6818b9e0c921845950f1adad087b974c455f776d9ede863
5897c27186a4289348a8fb767512005415df28238b2eca7546bb50f372699780
589cdd2a2847a1c03989b45bcb37dbb31cfb1916f1213b06551eb1576ef6c8f4
607c5b7a8d645727e413a0a622dc0d7ffd6b859f62ed401b8f4b66d18c301c22
60d282aefb56b14a48336f0c7b5fd678f31625024977397d34542e25c2d8a448
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61145a610771746ee51df17b3f833b1ecb7943ec6c54911dc32b7c21d522d582
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
69514861aa04653157a8017a3df741d1c38bd6172953af777e59b163f0541894
6a3db81a6ce0bad0307b14177a8d796fa7bd518641dd4930e4976d66f821adaf
6b390b45c1aa0277fdf3e9edbc737ead2d23fef08283fbcf784cf77bc76bdb80
6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7163309e87661ef555f48a66e16ff192ae874b82a1c95138bd33a3b573d461e9
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
731995c6ab1325b2cdb3156b7f0fcde708995a597b297b17bd653dee428b23d9
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
751e79f2e164260d51dadea6f6fa5fd41e58b5b5b473ee2f982b275287390406
75cc3525ba0aed9259ab5dd98dec7ba539a198348923abf976224d2b1f4ff71b
769ccc1bf237cb4a03502994879523b208234469667053d4cb343dd29fb89bea
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
7924456b168de71bd95c60c12ca6ce33da0d399f2dc423a24b026420fe7f321c
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
7dd216584b4c5dbdf5c16f8a6d4982c6bcb7d9306ea0476e1e4aad0f2935422a
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7fea23fcfa5c62b0dea00665d0da4a425bd47776483ee77ac8037fe740e7d0e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834a3eda9a652fceb913541a280672d0fba0a906e4f4d15043bdd50e838d0dff
8e4bf5894d6b8840701a8b20149499440afd9638012f82ec6e83a57925d8077b
9054eb850682d3eb5239c7478a52bfae0ff44261d324f9dbf4a82e38fd90fc20
924e39a741acaac39cb98d2ec45d1902f798ba88051cb3a452b0bce81a50d96d
95177cc64ba652612c32382178011176f71a53ac9c2487c77ddc3c089272efd7
977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149
99def5790683cb1e6597f1035612c9e15ae95a91788544521fa43e78dd54d7b0
99ed516e8f20daec04aca95d7cb155247377f09aa2e5115a4a83439c67b54648
9a08af57f388223766f1cc56e7b7c97f0cb9ca3abd0895f92c498dcd71bce4e5
9ca601ccb4b804e78f547d0451200b8cf3f9ac3a88b11ff0fff17b1432226915
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1fd1f8d1281333e7e2b5500bbf118f6c45da4c51f1e8f44f143c0f137731f0c
a4c0655262433650e89faec568137b29aedb326140e4da8f23bf50a2bb25c420
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
b0350f6d6fc2942181daf38ad8263cbe9d79b2386b8c31ef1c1c17a57b48bd85
b17513e40d0d98530620a7ce10c2c79bff5951ac151c43815a734ecf5ef44b11
b7af15f4551d17f4689fda3b91709a7ebc48cb2a5b57a90441d94205877a9c83
b7f1850091524210fd723c5152d221a58eef7afe2a6de42aadcc74acd7b70c61
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bd886319fdd01f7017bc221e0c81238513874fab0c9204a474c9710095baa4ad
bef7eae7b6ba7742cc488dca22144fd360127adee720169586b4dd19a82f89b3
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c2fdedda9fb4d1af92f1219b6a6e709ebe9663b3a38a15ce6c0bb0f3394df22a
c6364520466e6700dbc53bcfe1e90267bab51f9ee55fa0afa5985106b9a787f1
c88fd9eda3b85df0dda6b8a580628f347cf64d9fe76900302616e03df0c5bc79
c96706c56efbb5ca6197b990e9972f0903d43c9b5e6ff9bb35ab80971dfd588d
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cc913cda5e84f3886936b3e1eacb5c134a8c946adf01c6dbffe42ed57b57d566
cd690267153455a14b38549f8af9da7c197e8e8e021efe28041b2c9350ed03de
cee395dd266b9aca9f8aaa4bd63c9ad9e79ac1a5f5a12992e32d6563ebd33c65
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
d3c9edef51f84c5aba02913c04dbd3952b060b0c7dadb2504906089af0771dc4
d3fad07c65f775731f7946c16d84f3b1df007e26dbaf658753522c4fd301a078
d77596c4be570bd6d50a598da9330fd260618c5f96a9f21d8228e32764c4be03
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e2aa56e4c0d992ca5448fc06f166c6c2150eeb56e7b2f14605575c1060b4b54d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e73a4ed372600b7fdf9c1e5a2a069c7127c09758b471cb312382de18278129ca
e7c95e2a4b8a672a5c71a2dc342170639196ff39a4b71ef8de77cac184bfa486
e801aa0bbbdeb0b7892830207a049f160989e2198a17fc17560dc6c8a892b051
e84428958b5216e221b962024631a522ee4152ddc92af6712dbce0798c67a7da
e9585a6a9f307b6dc246da04f48e50ec7b76735ca9bdd9d9c5f96564fb279be0
e9864dcf84a8454f6e555202b5713c5b3d66575f8abee347de008403fa8c14e9
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ede265f40080da12e38ffdffdac5cdb3d84ec442d71ba6aebed87041e91da029
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd8eea2b72a9271d1106d86dc9b44c3fa7bf4c5cddab3317adee45f9c09de19
f2b2a8a1fb15fbdd74a94eb7c8dfc5b9992cc436b2b678eef1cf6e162beb899e
f3683754aef6a5c112adf46e6e988a4790a1b844ac8067f105eacf42a70d6897
f4c3ff806ceb05bf996817ab3bfd1bf3497403851cd4b116b1f6c0ae0bedde63
f8313adcaa50d3de366508ea75fa1493de5f6023c7068ef7284b377f24dfe10e
f8c1688775082e4596a2213fb04684c036d7040929152a957e14ee00e2d3dc49
fb53fabc05829893de8084627ad842fe1807c0eadf634985c3a9405369916914
fb5894da8f26bdefc18dbea66e1ec3e305c07ec483fb3740b0c815bae0f26317
fbfef3ab353d3d8b622bb0cc5f8f58dadc158af911f6c3875dd32c20dab03f1c
ff0350a8ea37795864aa65231f570e2876494faa9377357f7e4dc67e8e91f9f8

beforeitsnews.com Open in urlscan Pro 172.67.141.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

242 Requests

81 %HTTPS

27 %IPv6

63 Domains

100 Subdomains

62 IPs

7 Countries

4447 kBTransfer

8564 kBSize

207 Cookies

20 Outgoing links

Page URL History

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

beforeitsnews.com Open in urlscan Pro
172.67.141.76 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

81 %
HTTPS

27 %
IPv6

63
Domains

100
Subdomains

62
IPs

7
Countries

4447 kB
Transfer

8564 kB
Size

207
Cookies

242 HTTP transactions
2 data transactions