beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://beforeitsnews.com/v3/
Effective URL:
https://beforeitsnews.com/
Submission: On February 23 via manual (February 23rd 2021, 7:46:59 am UTC) from US

Summary HTTP 208 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 41 domains to perform 208 HTTP transactions. The main IP is 2606:4700:10::6816:4a8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	2606:4700:10:... 2606:4700:10::6816:4a8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	169.59.64.184 169.59.64.184	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
20	185.59.220.198 185.59.220.198	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	89.40.36.137 89.40.36.137	50939 (SPACE-AS) (SPACE-AS)
2	52.217.102.22 52.217.102.22	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3032::ac43:b25b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:e980:1fe... 2a02:e980:1fe::ad	19551 (INCAPSULA) (INCAPSULA)
4	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2620:12a:8000::4 2620:12a:8000::4	54113 (FASTLY) (FASTLY)
1	144.82.250.24 144.82.250.24	786 (JANET Jis...) (JANET Jisc Services Limited)
1	104.18.64.15 104.18.64.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.124.249.61 192.124.249.61	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2600:9000:212... 2600:9000:2127:d600:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.20.109 65.9.20.109	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	93.184.221.168 93.184.221.168	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
23	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	65.9.20.110 65.9.20.110	16509 (AMAZON-02) (AMAZON-02)
4	64.62.227.19 64.62.227.19	6939 (HURRICANE) (HURRICANE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:fe00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:d800:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1	52.29.155.194 52.29.155.194	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	3.124.46.162 3.124.46.162	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.183.62 18.194.183.62	16509 (AMAZON-02) (AMAZON-02)
2 2	34.252.253.152 34.252.253.152	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
6	2600:9000:20d... 2600:9000:20d7:7c00:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
208	53

44 2606:4700:10::6816:4a8a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.59.64.184 (United States)

ASN36351 (SOFTLAYER, US)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.40.36.137 (Romania)

ASN50939 (SPACE-AS, RO)

amg-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.102.22 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:b25b (United States)

ASN13335 (CLOUDFLARENET, US)

www.anhinternational.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:e980:1fe::ad (United States)

ASN19551 (INCAPSULA, US)

www.port.ac.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:12a:8000::4 (United States)

ASN54113 (FASTLY, US)

news.harvard.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.82.250.24 (United Kingdom)

ASN786 (JANET Jisc Services Limited, GB)
PTR: wwwr-02-188-d04-vip.ucl.ac.uk

www.ucl.ac.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.64.15 (United States)

ASN13335 (CLOUDFLARENET, US)

i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.61 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)

stateofthenation2012.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:d600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.20.109 (Orlando, United States)

ASN16509 (AMAZON-02, US)

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.221.168 (London, United Kingdom)

ASN15133 (EDGECAST, US)

i.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 65.9.20.110 (Orlando, United States)

ASN16509 (AMAZON-02, US)

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.62.227.19 (San Jose, United States)

ASN6939 (HURRICANE, US)

ajax.beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:fe00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:d800:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.155.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.124.46.162 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.183.62 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-183-62.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.253.152 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20d7:7c00:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	beforeitsnews.com 1 redirects beforeitsnews.com img.beforeitsnews.com ajax.beforeitsnews.com	833 KB
23	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	253 KB
21	youtube.com www.youtube.com img.youtube.com	1 MB
20	bitchute.com static-3.bitchute.com	723 KB
17	tradingview.com s3.tradingview.com s.tradingview.com s3-symbol-logo.tradingview.com	334 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	82 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net static.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	37 KB
8	googleapis.com fonts.googleapis.com www.googleapis.com translate.googleapis.com	100 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	google.com www.google.com translate.google.com	15 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	google-analytics.com www.google-analytics.com	56 KB
4	rmbl.ws i.rmbl.ws	5 MB
4	ytimg.com i.ytimg.com	216 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
3	rumble.com rumble.com	31 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	lockerdome.com lockerdome.com	3 KB
2	ggpht.com yt3.ggpht.com	6 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	blogspot.com 1.bp.blogspot.com	213 KB
2	amazonaws.com s3.amazonaws.com	1 MB
2	amg-news.com amg-news.com	1 MB
2	rddywd.com rddywd.com	1 KB
1	lentainform.com cm.lentainform.com	623 B
1	smartadserver.com rtb-csync.smartadserver.com	684 B
1	idealmedia.io cm.idealmedia.io	556 B
1	google.de www.google.de	107 B
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	stateofthenation2012.com stateofthenation2012.com	184 KB
1	imgflip.com i.imgflip.com	74 KB
1	ucl.ac.uk www.ucl.ac.uk	71 KB
1	harvard.edu news.harvard.edu	38 KB
1	port.ac.uk www.port.ac.uk	61 KB
1	anhinternational.org www.anhinternational.org	275 KB
1	googlesyndication.com pagead2.googlesyndication.com	48 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
208	41

	Domain	Requested by
23	beforeitsnews.com	1 redirects beforeitsnews.com ajax.cloudflare.com
21	img.beforeitsnews.com	beforeitsnews.com
20	static-3.bitchute.com	beforeitsnews.com
18	www.youtube.com	beforeitsnews.com www.youtube.com
10	s-img.mgid.com
10	s.tradingview.com	s3.tradingview.com s.tradingview.com
6	s3-symbol-logo.tradingview.com	s.tradingview.com
6	cm.mgid.com	jsc.mgid.com
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc beforeitsnews.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com beforeitsnews.com
5	x.bidswitch.net	5 redirects
4	ajax.beforeitsnews.com	beforeitsnews.com
4	www.google-analytics.com	rumble.com www.googletagmanager.com www.google-analytics.com
4	www.gstatic.com	www.youtube.com translate.googleapis.com
4	i.rmbl.ws	rumble.com beforeitsnews.com
4	www.google.com	www.youtube.com
4	i.ytimg.com	beforeitsnews.com www.youtube.com
3	stats.g.doubleclick.net	www.google-analytics.com lockerdome.com
3	cdn.mgid.com	jsc.mgid.com
3	googleads.g.doubleclick.net	1 redirects www.youtube.com
3	img.youtube.com	beforeitsnews.com
3	rumble.com	beforeitsnews.com rumble.com
2	match.adsrvr.org	2 redirects
2	a.sportradarserving.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	servicer.mgid.com	jsc.mgid.com
2	jsc.mgid.com	beforeitsnews.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	www.googletagmanager.com	ajax.cloudflare.com s.tradingview.com
2	1.bp.blogspot.com	beforeitsnews.com
2	s3.amazonaws.com	beforeitsnews.com
2	amg-news.com	beforeitsnews.com
2	rddywd.com	beforeitsnews.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.lentainform.com
1	cm.g.doubleclick.net	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	rtb-csync.smartadserver.com
1	cm.idealmedia.io
1	secure-assets.rubiconproject.com	1 redirects
1	www.google.de
1	l.sharethis.com	platform-api.sharethis.com
1	cdn.onesignal.com	beforeitsnews.com
1	cdn2.lockerdomecdn.com	beforeitsnews.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	translate.google.com	beforeitsnews.com
1	s3.tradingview.com	ajax.cloudflare.com
1	platform-api.sharethis.com	ajax.cloudflare.com
1	stateofthenation2012.com	beforeitsnews.com
1	i.imgflip.com	beforeitsnews.com
1	www.ucl.ac.uk	beforeitsnews.com
1	news.harvard.edu	beforeitsnews.com
1	www.port.ac.uk	beforeitsnews.com
1	www.anhinternational.org	beforeitsnews.com
1	www.googleapis.com	beforeitsnews.com
1	pagead2.googlesyndication.com	beforeitsnews.com
1	ajax.cloudflare.com	beforeitsnews.com
1	fonts.googleapis.com	beforeitsnews.com
208	62

This site contains links to these domains. Also see Links.

Domain
www.herbanomic.com
www.braintuner.com
www.fincabayano.net
tinyurl.com
mitocopper.com
69b3d4-ogey4faauklimid7y6d.hop.clickbank.net
6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net
forum.beforeitsnews.com
www.youtube.com
3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net
widgets.mgid.com
herbeauty.co
polaraidhealth.com
50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net
telegram.org
t.me
db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net
6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.rumble.com DigiCert SHA2 Secure Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
static-3.bitchute.com R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
amg-news.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.port.ac.uk QuoVadis Global SSL ICA G3	`2020-02-18` - `2022-02-18`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
hvd.gs R3	`2021-01-31` - `2021-05-01`	3 months	crt.sh
www.ucl.ac.uk QuoVadis Europe EV SSL CA G1	`2020-12-18` - `2021-12-18`	a year	crt.sh
stateofthenation2012.com Go Daddy Secure Certificate Authority - G2	`2020-05-14` - `2021-05-14`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.tradingview.com Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
s3.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-09-30` - `2021-10-31`	a year	crt.sh
beforeitsnews.com R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh

This page contains 14 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 8A9F944F2C5128BA6FC9243994246D32
Requests: 135 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4PSg23TeK20
Frame ID: 11D624879BE2BCD2EA540AC0F39845F9
Requests: 17 HTTP requests in this frame

Frame: https://rumble.com/embed/vbgsjb/?pub=hw409
Frame ID: 15E1CAE304512DF2B1E41068F9009261
Requests: 8 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211237
Frame ID: 90A69B3C80B1CE169D68C186D53201F0
Requests: 2 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211237
Frame ID: 9C6D17E7006489105F9707084281B6B1
Requests: 5 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
Frame ID: 4F22349225B9A6DCCB90344F08ED73B4
Requests: 18 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 24054DB915FB0FE7D7E819873D695948
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 46C476F6519D0E08C79FE014BB22D910
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Frame ID: 59273769A9294A3B5804547D8ACF2B9D
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1614066397944216977913
Frame ID: 98A9429949A0F7EEBEBB1D99AFC0F159
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 5CC69267F0F6C873FEB448F313C2699E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 3ABE2F9F9375D3DC51BE19AD2FCDAF92
Requests: 3 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 4DD5F66E4C36ED6C5580F67C601F1B2A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SPhnRUU04-I
Frame ID: ACE00239E02B50EA1DDEC1969B491982
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://beforeitsnews.com/v3/ HTTP 302
https://beforeitsnews.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

208
Requests

100 %
HTTPS

57 %
IPv6

41
Domains

62
Subdomains

53
IPs

8
Countries

13317 kB
Transfer

18876 kB
Size

10
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbanomic.com/productdirectory
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.braintuner.com/radio-frequency-bcx/
Title: BCX UltraDeluxe Rife Provides Versatile Frequency Therapy to Your Body Through Low Electromagnetic Energy Waves

Search URL Search Domain Scan URL

URL: https://www.fincabayano.net/1_emigration/introduction/
Title: Change Your Horizon -- EMIGRATE WHILE YOU STILL CAN...

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y3wnvggc

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/emf-blocking-smart-meter-cover/
Title: Try THIS Smart Meter Shield and Cut Radiation by 98%! It's Why the Illuminati Are Freaking Out! (VIDEO)

Search URL Search Domain Scan URL

URL: https://69b3d4-ogey4faauklimid7y6d.hop.clickbank.net/?tid=WATERFS_BIN_EMAIL
Title: ALERT - Try This New Tech and You'll Never Run Out of Clean Drinking Water Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://6456bt1hdmvcfg3tqrvwp1zwh6.hop.clickbank.net/?tid=BINRTL1025
Title: Learn How To Manifest Anything You Desire In Life. Click Here For Proof

Search URL Search Domain Scan URL

URL: https://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://3a041z7eqo78sfbbhlwmvrrb91.hop.clickbank.net/?tid=BINPTL
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

URL: https://herbeauty.co/lifestyle/15-countries-where-men-have-difficulties-finding-a-wife-due-to-a-shortage-of-women/

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humic-fulvic-liquid-trace-mineral-complex
Title: Experience Vitality - Directly From Nature - Humic & Fulvic Trace Minerals Complex

Search URL Search Domain Scan URL

URL: https://polaraidhealth.com/buy/
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=beforeitsnews.com&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://herbeauty.co/fashion/12-best-and-worst-fashion-trends-of-all-time/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/entertainment/7-beloved-movies-that-would-be-problematic-today/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/foodtravel/8-easy-exotic-meals-anyone-can-make/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/beauty/victorias-secret-trainer-reveals-8-easy-steps-to-a-perfect-body/

Search URL Search Domain Scan URL

URL: https://50793w5dgd62df1ilj6fw-3zc1.hop.clickbank.net/?tid=BINRTL21129
Title: Have You Been Struggling With Obesity But Can’t Figure Out Why? You MUST Watch This Now!

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://mitocopper.com/products/emf-blocking-smart-meter-cover
Title: DANGER - Shield Your Smart Meter! Protect Your Family from Illuminati Kill Grid!

Search URL Search Domain Scan URL

URL: https://db678s2nmc8zpd48ggrezkqj93.hop.clickbank.net/?tid=BINRTL1
Title: Finally Revealed! Scientist Gives The Real Cause Of Weight Gain! See Video

Search URL Search Domain Scan URL

URL: https://6be7dtxjplv-n5bgmpv8ozxxlu.hop.clickbank.net/?tid=BINRTL1&s=suggesteda
Title: How To Easily Manifest Anything You Wish Using Quantum Physics

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://beforeitsnews.com/v3/ HTTP 302
https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 161

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 162

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e543eaeb-636b-4fd2-acd5-3c09873b18f2&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=61fe6e2f-cf28-481e-96d3-0adb910da14f&gdpr=&gdpr_consent=&us_privacy=

Request Chain 163

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=3404807c-7f65-4f56-bd1c-42bb122d23fa&ttl=1616658398

Request Chain 165

https://x.bidswitch.net/sync?dsp_id=303&user_id=l1mBOKpePFKn HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l1mBOKpePFKn HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=61fe6e2f-cf28-481e-96d3-0adb910da14f&gdpr=&gdpr_consent=

Request Chain 166

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=McodVc1AhfJABslyOr1S&pi=mgid&tc=1

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFtQk9LcGVQRktu&muidn=l1mBOKpePFKn HTTP 302
https://cm.mgid.com/google?muidn=l1mBOKpePFKn&google_ula={guid},5&google_gid=CAESEOE95coyUW7p4iPHNhitGQ0&google_cver=1

208 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beforeitsnews.com/
Redirect Chain

https://beforeitsnews.com/v3/
https://beforeitsnews.com/

121 KB
23 KB

599ms
599ms

Document
text/html

2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c76a2c1348a529c4beb75b1987013cebad0b3d8ee758a8f124bc9500549e1c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: beforeitsnews.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d16367838a39ca505d7be6e557657e2271614066395; SERVERID=s3; __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyFzrzVcrXaeT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-type: text/html; charset=UTF-8
cf-ray: 625f557c9ff9dfeb-FRA
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
cf-request-id: 086f73c1df0000dfebf78de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 23 Feb 2021 07:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d16367838a39ca505d7be6e557657e2271614066395; expires=Thu, 25-Mar-21 07:46:35 GMT; path=/; domain=.beforeitsnews.com; HttpOnly; SameSite=Lax; Secure SERVERID=s3; path=/ __cflb=0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyFzrzVcrXaeT; SameSite=Lax; path=/; expires=Tue, 23-Feb-21 10:04:35 GMT; HttpOnly
location: /
cf-ray: 625f557a4df1dfeb-FRA
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Tue, 23 Feb 2021 07:46:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
access-control-max-age: 3628800
cf-request-id: 086f73c0690000dfeb2ebe9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-frame-options: SAMEORIGIN
x-pingback: http://beforeitsnews.com/xmlrpc.php
vary: Accept-Encoding
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js Show response
beforeitsnews.com/cdn-cgi/apps/head/ 4 KB
2 KB 17ms
15ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 602748
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3294CE57C1BECB73
x-amz-id-2: IlYGlurCQhsr8ULw52Ie9eVGsIk4yQtsu/qQkjz4JTbo6nkcmSmbMTgByvawinkd1yJpr4QNKYs=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"165501590067c5189e81c831f77f81ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tjjN.jFT95DY_pkhk6.cTP9tpZK602Ny
cf-request-id: 086f73c43e0000dfebaa9d5000000001
cf-ray: 625f55806bdbdfeb-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
712 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 07:46:36 GMT
server: ESF
date: Tue, 23 Feb 2021 07:46:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 07:46:36 GMT

GET
H2 200 global-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 15 KB
3 KB 30ms
29ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316844
cf-polished: origSize=15665
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c43e0000dfebecada000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-3d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 625f55806bdcdfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:51 GMT

GET
H2 200 fancybox-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 8 KB
2 KB 23ms
23ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316844
cf-polished: origSize=8029
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c43f0000dfebf78f9000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-1f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 625f55806bdddfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:51 GMT

GET
H2 200 home-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 28 KB
6 KB 26ms
26ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/home-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316844
cf-polished: origSize=29022
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c43e0000dfebcf1d3000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-715e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 625f55806bdedfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 responsive-bin-rev-20210219.css
beforeitsnews.com/static/css-v3/ 20 KB
3 KB 33ms
32ms Stylesheet
text/css 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/css-v3/responsive-bin-rev-20210219.css

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

310eaeee814d79e97a48c1859c4d0187ffc24b92fec8f2b7a190b56448f776d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316844
cf-polished: origSize=20488
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c43e0000dfebf1a01000000001
last-modified: Fri, 19 Feb 2021 15:32:29 GMT
server: cloudflare
etag: W/"602fda0d-5008"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 625f55806bdfdfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 top-logo.png
img.beforeitsnews.com/img/v3/ 2 KB
2 KB 34ms
23ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/top-logo.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 461977
cf-polished: origFmt=png, origSize=2219
content-disposition: inline; filename="top-logo.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1886
cf-request-id: 086f73c45e0000dfebd78a4000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 23:26:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55809c12dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 loading.gif
img.beforeitsnews.com/img/v3/ 14 KB
14 KB 37ms
26ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/loading.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 468664
cf-polished: origFmt=gif, origSize=38375
content-disposition: inline; filename="loading.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14030
cf-request-id: 086f73c45e0000dfeba8b78000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-95e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 21:35:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55809c13dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 ads.png
img.beforeitsnews.com/img/v3/ 34 B
251 B 36ms
25ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/v3/ads.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 881437
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ads.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
cf-request-id: 086f73c45d0000dfebe98ba000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 13 Feb 2022 02:55:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55809c10dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/n21rsI4joho/ 17 KB
18 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/n21rsI4joho/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21eee0cd66c42d294aac779d0c9190fc8176bcdb6bf40fb77ab037625413c331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:44:26 GMT
x-content-type-options: nosniff
server: sffe
age: 130
etag: "1612249615"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17848
x-xss-protection: 0
expires: Tue, 23 Feb 2021 09:44:26 GMT

GET
H2 200 scientist_reveals_real.jpg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 41ms
31ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/scientist_reveals_real.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 464718
cf-polished: origFmt=jpeg, origSize=55516
content-disposition: inline; filename="scientist_reveals_real.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46020
cf-request-id: 086f73c45c0000dfeb28b14000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-d8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:41:18 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55809c0edfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 emigrate2.jpeg
img.beforeitsnews.com/img/banner2020/ 55 KB
55 KB 33ms
23ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/emigrate2.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3745379
cf-polished: origSize=56198, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55905
cf-request-id: 086f73c45d0000dfebdabeb000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-db86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55809c0fdfeb-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 polaraidhealth.jpeg
img.beforeitsnews.com/img/banner2020/ 45 KB
45 KB 40ms
30ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/polaraidhealth.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3745379
cf-polished: origSize=46655, status=webp_bigger
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46365
cf-request-id: 086f73c45d0000dfebe53cd000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-b63f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55809c11dfeb-FRA
expires: Mon, 10 Jan 2022 23:23:37 GMT

GET
H2 200 BCX_Rife350x290.jpg
img.beforeitsnews.com/img/banner2020/ 36 KB
36 KB 23ms
22ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/img/banner2020/BCX_Rife350x290.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 602860
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36512
cf-request-id: 086f73c4750000dfebc7ae2000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-8ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 08:18:56 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f5580bc37dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 31ms
13ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 086f73c4650000d6cd3b843000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8aDA%2BONo3iI%2BztUyLz3sglU8lkreCdCOO8JU4c4%2F99IKC2MyLbzjxB94UTSdcvN%2FsSp71MdH9AAG9vOxHj65PhYU96cW7qD38MGnaLHzlrxo%2Bp3zOfSTsKFIDU9%2FvQ0a"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 625f5580a9f9d6cd-FRA
expires: Thu, 25 Feb 2021 07:46:36 GMT

GET
H2 200 Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js Show response
beforeitsnews.com/cdn-cgi/apps/body/ 4 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/cdn-cgi/apps/body/Y_i6i3RGqrSzdzFtXwFQ12fb-Fk.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/apps/head/oyQ4dK3vnGDhHwj-2hdu0ciR6rs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 4387383
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BS7S1H3H1K4GBQ7P
x-amz-id-2: QjApP71jKYVGRAdkz9Q9P6OqBxHUujj3Ssfx891KJE0sEVGRFVTs3J5cx2ZDaBvfdzUqDnivfaM=
last-modified: Fri, 09 Oct 2020 17:38:05 GMT
server: cloudflare
etag: W/"93a3e7d84b15a0c8a8a9e4e6c8779aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3R09nKFA1fkBWMCXCpPvkqre3wT0snqV
cf-request-id: 086f73c4540000dfebf4112000000001
cf-ray: 625f55808c02dfeb-FRA

GET
H2 200 4PSg23TeK20 Show response
www.youtube.com/embed/ Frame 11D6 51 KB
22 KB 47ms
47ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4PSg23TeK20

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31edad81f347e211c853130f9dd18a66aa408ca35662d139407d71182f0766b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/4PSg23TeK20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Feb 2021 07:46:36 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=6kw2-znjGlw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=-uBTSyN0oLM; Domain=.youtube.com; Expires=Sun, 22-Aug-2021 07:46:36 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+826; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
rumble.com/embed/vbgsjb/ Frame 15E1 16 KB
7 KB 380ms
132ms Document
text/html 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vbgsjb/?pub=hw409

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

nginx /

Resource Hash

04d392b2b51c75683f2772eaed404030d0ab5261aacb876e443cb1479ed5fcc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

:method: GET
:authority: rumble.com
:scheme: https
:path: /embed/vbgsjb/?pub=hw409
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

server: nginx
date: Tue, 23 Feb 2021 07:46:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/ve2ypf-bill-gates-now-says-a-third-shot-may-be-necessary-now-hes-turning-to-global.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54064774d90d69cd25d9f7ffbe4af70bb93af95322ebf09159d7a55b940598e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48566
x-xss-protection: 0
server: cafe
etag: 5526342013382828443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Feb 2021 07:46:36 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
700 B 43ms
11ms Script
application/javascript 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5694
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9
cf-request-id: 086f73c48700002c267d0bc000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FdENMlYEnQUhVSPjDMXdsaeRpUOW3U2xAZMowYJTcFAxu98Pq2zv6xz%2FBaJYJl6%2BjeP0AHEpQNpVctwdmoFImbXQmmCyq%2B3xoQt2rpaNrWJ6%2F4nNfjAS"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 625f5580de5f2c26-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
752 B 42ms
18ms Image
image/gif 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 84652
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 086f73c47f0000d6f1cc2ac000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AwOHZizp%2BuDJg%2BZB9oGwjIZ4dvXNoZV1SzagG7rfvcT9fDhF4%2BCj8%2B5mOpOpwgMxVoxqdKm7NRCBZ1o8EMaUWGZRPE93NxRQl5vMKBY1cM%2FZ0X57KWOm"}],"max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 625f5580cd2ad6f1-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
182 B 27ms
5ms Image
text/plain 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 top-bg.png
beforeitsnews.com/img/v3/ 100 B
333 B 23ms
23ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/top-bg.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 463884
cf-polished: origFmt=png, origSize=164
content-disposition: inline; filename="top-bg.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100
cf-request-id: 086f73c4690000dfeba90f5000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:55:12 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 625f5580ac21dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 search.png
beforeitsnews.com/img/b4in/ 686 B
987 B 22ms
21ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/b4in/search.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 463840
cf-polished: origFmt=png, origSize=805
content-disposition: inline; filename="search.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 686
cf-request-id: 086f73c46f0000dfebca3b5000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:55:56 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 625f5580bc2bdfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 culturebg.jpg
beforeitsnews.com/img/v3/ 15 KB
15 KB 24ms
23ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/culturebg.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1708892
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15334
cf-request-id: 086f73c4720000dfebf78fb000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-3be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 625f5580bc33dfeb-FRA
expires: Thu, 03 Feb 2022 13:05:04 GMT

GET
H2 200 BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 42 KB
42 KB 26ms
26ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1708877
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43060
cf-request-id: 086f73c4730000dfebcf1d5000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: private, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 625f5580bc34dfeb-FRA
expires: Thu, 03 Feb 2022 13:05:19 GMT

GET
H2 200 logo-bottom.jpg
beforeitsnews.com/img/v3/ 2 KB
3 KB 20ms
20ms Image
image/webp 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/v3/logo-bottom.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/static/css-v3/global-bin-rev-20210219.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 463998
cf-polished: origFmt=jpeg, origSize=2574
content-disposition: inline; filename="logo-bottom.webp"
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
cf-request-id: 086f73c4730000dfeb14aa6000000001
last-modified: Fri, 25 Dec 2020 03:29:54 GMT
server: cloudflare
etag: "5fe55cb2-a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 22:53:18 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 625f5580bc35dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/ 13 KB
13 KB 7ms
6ms Font
font/woff 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 01:10:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:06 GMT
server: sffe
age: 282951
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13064
x-xss-protection: 0
expires: Sun, 20 Feb 2022 01:10:45 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2
fonts.gstatic.com/s/scada/v9/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v9/RLp8K5Pv5qumeVrU6CEnT1bEZ_E4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:15:51 GMT
server: sffe
age: 389083
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9028
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:53 GMT

GET
H2 200 GIbILFHZpS7X_640x360.jpg
static-3.bitchute.com/live/cover_images/44tlv2gckwoL/ 34 KB
34 KB 169ms
69ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/44tlv2gckwoL/GIbILFHZpS7X_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

3a5ab2d2ac9994e326a1fc12731158871a83dafea68f5e09d599c1fdfb179366

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx000000000000022370dcd-00601d7002-43b5652-nyc3a
cdn-cachedat: 2021-02-05 17:19:15
cdn-pullzone: 89010
content-length: 34672
last-modified: Fri, 05 Feb 2021 16:08:31 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 87df2c198cca81f1c51e8be293d1071d
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 inscAtDhYN4HZtnFuBqDG6xg_640x360.jpg
static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/ 44 KB
44 KB 169ms
69ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/vWIqTOkHdfuQ/inscAtDhYN4HZtnFuBqDG6xg_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

7187ff1c53713a374a7946b2fc1683da10f623719082dba6d36f150e326527f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-22 19:26:11
cdn-pullzone: 89010
content-length: 44706
x-amz-request-id: tx00000000000002c11c268-006033f743-43b5652-nyc3a
last-modified: Mon, 22 Feb 2021 18:09:10 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 562cf549363d9cceb6f3216966809183
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 RDY3sonjCNOz_640x360.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 31 KB
31 KB 169ms
69ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/RDY3sonjCNOz_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

4be268e069cf2928f99749dc06354d9d488eeddd30609e074f6c56f376ba319e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000002c1b3e41-0060345231-43ba6e0-nyc3a
cdn-cachedat: 2021-02-23 01:54:09
cdn-pullzone: 89010
content-length: 31542
last-modified: Tue, 23 Feb 2021 00:46:00 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 1583cc9b090e21d5a156e6ed9cee7642
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 4S0SCY1E2kwE_640x360.jpg
static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/ 32 KB
32 KB 169ms
70ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oEqbnPG8c1fR/4S0SCY1E2kwE_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

3dc12a8b4eec98ace895bdda9f4e63c8e20814a9e6376d8b40fd62132aa75b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-21 17:00:07
cdn-pullzone: 89010
content-length: 32348
x-amz-request-id: tx00000000000002b3bf499-0060328387-43ba6e0-nyc3a
last-modified: Sun, 21 Feb 2021 15:13:42 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: bee0873486f74f1c0181416c83fefc58
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 gVGo280cxvX2r4axcTOSQHQe_640x360.jpg
static-3.bitchute.com/live/cover_images/BFwpmlvkLsJY/ 23 KB
23 KB 169ms
70ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/BFwpmlvkLsJY/gVGo280cxvX2r4axcTOSQHQe_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

ff90a7645bd6b34292930e3c5e85313feabe1b2a40783b58d09fa238fd05d702

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000000ce170dc-00601fb39b-46b98f5-nyc3a
cdn-cachedat: 2021-02-07 10:32:11
cdn-pullzone: 89010
content-length: 23399
last-modified: Sun, 07 Feb 2021 09:18:24 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: bfc6acfcad8c07ec84827ae5eed40d20
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/BVs5x8rp2Q8/ 8 KB
8 KB 14ms
8ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BVs5x8rp2Q8/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b148eae8f79297bd0c52cc41bca3d296bf903129417be6e0552917f76a101125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:15:02 GMT
x-content-type-options: nosniff
server: sffe
age: 1894
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8597
x-xss-protection: 0
expires: Tue, 23 Feb 2021 09:15:02 GMT

GET
H2 200 YfyTOhbsY7FP_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 90 KB
90 KB 169ms
70ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/YfyTOhbsY7FP_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

b6b54686d73941246bd7d98dbc2b4424addbd03ad27a4760e3ee8a6b9224fb6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000002bacc751-0060330989-43b55da-nyc3a
cdn-cachedat: 2021-02-22 02:31:53
cdn-pullzone: 89010
content-length: 91950
last-modified: Mon, 22 Feb 2021 01:15:30 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 664a94ccc08a80fc8e14fd56b95e640f
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 Virus.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 69 KB
70 KB 28ms
22ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/Virus.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

546f51b3ea22ede0d5ed26f7686f15bdbd300c066497554511de916b813437ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1423905
cf-polished: origSize=83836, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70993
cf-request-id: 086f73c4dd0000dfeb14aaa000000001
last-modified: Tue, 28 Jan 2020 00:57:08 GMT
server: cloudflare
etag: "5e2f86e4-1477c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 06 Feb 2022 20:14:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55816cecdfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/GK9_OwUkI2E/ 17 KB
17 KB 12ms
6ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/GK9_OwUkI2E/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcbdc7b5d065e78ec9ac4157d720edb83e6d1fd34c0818355eeb2e2fd205bcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:17:58 GMT
x-content-type-options: nosniff
server: sffe
age: 1718
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17681
x-xss-protection: 0
expires: Tue, 23 Feb 2021 09:17:58 GMT

GET
H2 200 Rdf1ef39bf86cf38b6579e4466cb92306(2).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 29 KB
29 KB 30ms
24ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Rdf1ef39bf86cf38b6579e4466cb92306(2).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1d8730347537478b70a1be17394e1ef0bdffce6ba082c43eafd663b378d9834

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 227267
cf-polished: origSize=33003, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29478
cf-request-id: 086f73c4dd0000dfebf1a08000000001
last-modified: Sat, 20 Feb 2021 16:21:01 GMT
server: cloudflare
etag: "603136ed-80eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 20 Feb 2022 16:38:49 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55816ceddfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5N6Ugw0CuVkc_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 72 KB
73 KB 71ms
67ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/5N6Ugw0CuVkc_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

1d5b29d858d79d8bf60f8e542a3bb69472f5c9a1c93193a7a4d5e5a50e2e35c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 2021-02-20 06:16:20
cdn-pullzone: 89010
content-length: 74179
x-amz-request-id: tx00000000000002a9dd906-0060309b23-43b5652-nyc3a
last-modified: Sat, 20 Feb 2021 04:47:58 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: df401f35a7df0d9ead9b09b3abd8504c
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 YOEf4SrxQut6_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ 62 KB
63 KB 71ms
67ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/YOEf4SrxQut6_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

7da761b03d01e70b429f611776670b9201d942249a07b3614048667da1ecb9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-23 03:46:43
cdn-pullzone: 89010
content-length: 63564
x-amz-request-id: tx00000000000002c284d27-0060346c93-43ba6e0-nyc3a
last-modified: Tue, 23 Feb 2021 02:41:01 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 41fce34a1f60d01039d96d7030f78391
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 SK7AaTXLiXvmSlenKHUOwy9u_640x360.jpg
static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/ 38 KB
38 KB 71ms
67ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/hYAwjR83sVSl/SK7AaTXLiXvmSlenKHUOwy9u_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

00bd120743d2d1b5e52bc521a46b32395921257bc015fb7a8d300ca0d0751f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000002ac0431e-006030f905-43b5652-nyc3a
cdn-cachedat: 2021-02-20 12:56:54
cdn-pullzone: 89010
content-length: 38435
last-modified: Sat, 20 Feb 2021 11:55:41 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 7aa08834722e7f3501706301321df6f6
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 medical_logo_188822.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 21 KB
21 KB 26ms
24ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/medical_logo_188822.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a7166a9bf611075509f6daab98e6c808afc3316c14f4bfe1459b5bea17aca24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 393302
cf-polished: origSize=21966, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21582
cf-request-id: 086f73c4e50000dfeb0e13b000000001
last-modified: Sun, 27 Aug 2017 13:03:13 GMT
server: cloudflare
etag: "59a2c311-55ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 18 Feb 2022 18:31:34 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55816cffdfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 0-2-960x559.png
amg-news.com/wp-content/uploads/2021/02/ 751 KB
751 KB 220ms
69ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/02/0-2-960x559.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 163cc5bd0a3f3045ee6d4f046ad35361f6a74f4a00710349ca53a224ac7b3909

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
last-modified: Wed, 17 Feb 2021 16:35:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 768755
expires: Tue, 02 Mar 2021 07:46:36 GMT

GET
H2 200 7mSEg691n8Ip_640x360.jpg
static-3.bitchute.com/live/cover_images/8LyqCWp3SSH4/ 32 KB
32 KB 141ms
69ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/8LyqCWp3SSH4/7mSEg691n8Ip_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

ce9a2c645aec6b5baf9ff6d8704f5cbb098ae455414259627a712eced90ac4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 722
x-amz-request-id: tx000000000000015e1274c-0060342069-46b98f5-nyc3a
cdn-cachedat: 2021-02-22 22:21:46
cdn-pullzone: 89010
content-length: 32696
last-modified: Mon, 22 Feb 2021 21:06:56 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: a6425f280244f9200d7706752e4801f1
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 JenTjx0bmEWF_320x180.jpg
static-3.bitchute.com/live/cover_images/LPYIJuMHYEz0/ 34 KB
34 KB 120ms
49ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/LPYIJuMHYEz0/JenTjx0bmEWF_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

6c2d786e6f8dc0814a04b487dbe6783d5ee4b4cddd132ae9becc93b144138a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx00000000000002b9f8eed-006032f72c-43b5652-nyc3a
cdn-cachedat: 2021-02-22 01:13:32
cdn-pullzone: 89010
content-length: 34429
last-modified: Sun, 21 Feb 2021 23:51:07 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: c36eae1a0a1f52156fa7833501120f1a
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 OIP%20(25)(6).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
16 KB 19ms
18ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(25)(6).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d14382d0bc86ecb1eccae9e8ed903432986d6e8d572f16fe1b0903717a5e5e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 17917
cf-polished: origSize=16770, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15414
cf-request-id: 086f73c4ef0000dfeb118c1000000001
last-modified: Tue, 23 Feb 2021 02:28:49 GMT
server: cloudflare
etag: "60346861-4182"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 23 Feb 2022 02:47:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55817d15dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 iXHABln2yXWO_640x360.jpg
static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/ 33 KB
33 KB 134ms
62ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/1uDxpDogKMs9/iXHABln2yXWO_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

22341a5efa5fb6d62c0424ea158e0a925c2e281d0f7ac4b85b1b5c6946bab6d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-22 15:21:55
cdn-pullzone: 89010
content-length: 33556
x-amz-request-id: tx00000000000002bf847d2-006033be03-43b55da-nyc3a
last-modified: Mon, 22 Feb 2021 14:14:42 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: d7db7a75cb4ae6d219aad735f3003606
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 OIP%20(1)(39).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 21 KB
22 KB 21ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(1)(39).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d9e978de5c5632121b45c98aa84b6b6e816dca67928093fef8e186e749925da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49868
cf-polished: origSize=23161, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21801
cf-request-id: 086f73c4f00000dfeb00107000000001
last-modified: Mon, 22 Feb 2021 17:42:41 GMT
server: cloudflare
etag: "6033ed11-5a79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 17:55:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55817d16dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 PjDKM4N15UZ7D1lEtC9FTJoX_640x360.jpg
static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/ 15 KB
16 KB 71ms
67ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/PjDKM4N15UZ7D1lEtC9FTJoX_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

d7fee305e00cdf2564b19f2ce784e9b7ea43e2f0d31b974f2a3573b1b72ffca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-01-18 17:36:04
cdn-pullzone: 89010
content-length: 15518
x-amz-request-id: tx000000000000017191a9a-006005b8f4-43ba6e0-nyc3a
last-modified: Mon, 18 Jan 2021 15:48:22 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: ed011909189cda5a30f50f67c7a055aa
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 OIP%20(23)(1).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 15 KB
16 KB 20ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP%20(23)(1).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c27b51fbe75ac10fa50e1d74506eb92c2ba81014abeee79042db03ed06a64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 579881
cf-polished: origSize=16900, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15731
cf-request-id: 086f73c4f00000dfebb63a7000000001
last-modified: Tue, 16 Feb 2021 14:29:14 GMT
server: cloudflare
etag: "602bd6ba-4204"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 14:41:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55818d19dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 iP982uxquR3u_640x360.jpg
static-3.bitchute.com/live/cover_images/AMhoJpc4Zf2T/ 25 KB
25 KB 71ms
68ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/AMhoJpc4Zf2T/iP982uxquR3u_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

bb7e9dcf46c3e28648a9eefe825726629633a1ca87f1a040c310dc3a28ea6cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 723
x-amz-request-id: tx000000000000029b2d392-00602e8989-43b55da-nyc3a
cdn-cachedat: 2021-02-18 16:36:41
cdn-pullzone: 89010
content-length: 25331
last-modified: Thu, 18 Feb 2021 01:30:20 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 5c5b54928c2a59f988e3b935cf8180bc
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 2d2aa930-2bbc-4b21-b377-0b11bf4e4b72
s3.amazonaws.com/webseed-realvideo-thumbnail/poster/ 69 KB
70 KB 471ms
151ms Image
image/jpeg 52.217.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/poster/2d2aa930-2bbc-4b21-b377-0b11bf4e4b72
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.102.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48958ed51962a648fc7fda3620731d6a8340a0c0b5df1c4253e10d066361c2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 07:46:37 GMT
Last-Modified: Sun, 27 Dec 2020 22:02:23 GMT
Server: AmazonS3
x-amz-request-id: BC8671B3D765F20C
ETag: "363af19cfb1128a7dbaa5f8080f6c727"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 71095
x-amz-id-2: XotX2IO8H6B4xicBKJKZjZT0ZXvIAz4CZ/LS26zpQ/ELbULWvNDRvHkktej6KlMOR0GrlcWRMk8=

GET
H2 200 n5uyq5cQ2uz5_640x360.jpg
static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/ 33 KB
34 KB 74ms
70ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/9EB8glubb0Ns/n5uyq5cQ2uz5_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

4abebe6bdf30589cb389f88f90ac59f800c5d9c9fd4c8b2117b1fc8712ed78c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 601
age: 0
cdn-cachedat: 2021-02-22 15:33:38
cdn-pullzone: 89010
content-length: 33890
x-amz-request-id: tx00000000000002bf41086-006033c0c2-43b5652-nyc3a
last-modified: Mon, 22 Feb 2021 14:17:42 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 33ea850851824c0318308c9f8117defb
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 OIP(76).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 17 KB
17 KB 20ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/OIP(76).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cdbe83db568eb7ac1ba83daaff0c6357d863d6f8b31b93390ef4bd598e1c815

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 51135
cf-polished: origSize=19312, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17686
cf-request-id: 086f73c4f10000dfeb28b1b000000001
last-modified: Mon, 22 Feb 2021 17:17:07 GMT
server: cloudflare
etag: "6033e713-4b70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 17:34:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55818d20dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 unnamed%20(3)(8).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 48 KB
48 KB 19ms
18ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/unnamed%20(3)(8).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ed42fc094572e6378e5d18b652dc906de75340a06f725f70c5bb799beeff089

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 17662
cf-polished: origSize=52361, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49062
cf-request-id: 086f73c4f30000dfebe98bf000000001
last-modified: Tue, 23 Feb 2021 02:35:18 GMT
server: cloudflare
etag: "603469e6-cc89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 23 Feb 2022 02:52:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55818d21dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 Rbaf1371fed7ad458028dc3f8a5166a3d.jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 19 KB
20 KB 23ms
20ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/Rbaf1371fed7ad458028dc3f8a5166a3d.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e6a78131e5b13c4c3fd20f85b88b142f5de26c35a05b7f737d328f8ee52e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20948
cf-polished: origSize=22862, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19926
cf-request-id: 086f73c5080000dfebb5215000000001
last-modified: Tue, 23 Feb 2021 01:14:40 GMT
server: cloudflare
etag: "60345700-594e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 23 Feb 2022 01:57:28 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f5581ad52dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 1qZMi27JDPyT_640x360.jpg
static-3.bitchute.com/live/cover_images/kffqQ4QqFTyY/ 15 KB
16 KB 72ms
68ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/kffqQ4QqFTyY/1qZMi27JDPyT_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

e27a9919f3534145aba4573890732395cc75378461e9762ffedb2302d67f0345

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000002be2de2f-0060338aed-43b55da-nyc3a
cdn-cachedat: 2021-02-22 11:43:57
cdn-pullzone: 89010
content-length: 15751
last-modified: Mon, 22 Feb 2021 10:39:31 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: c65c3cbeb21c3ad32883688b49ae3bbf
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H3-Q050 200 hqdefault.jpg
img.youtube.com/vi/p-h37t1vU_s/ 10 KB
10 KB 39ms
21ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/p-h37t1vU_s/hqdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

121cb1fb120cf0c70971e0f5640cb14c17312a8ab0a107ad2630c2a8215c1037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 06:01:50 GMT
x-content-type-options: nosniff
server: sffe
age: 6286
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10320
x-xss-protection: 0
expires: Tue, 23 Feb 2021 08:01:50 GMT

GET
H2 200 Untitled.pngcoperta-960x556.png
amg-news.com/wp-content/uploads/2021/02/ 751 KB
752 KB 484ms
345ms Image
image/png 89.40.36.137
SPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amg-news.com/wp-content/uploads/2021/02/Untitled.pngcoperta-960x556.png
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.40.36.137 , Romania, ASN50939 (SPACE-AS, RO),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 88820f969f905fe5514b912f98409887e1634602d8bf2db183b8a64b513ca4b3

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
last-modified: Sat, 20 Feb 2021 18:02:27 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 769098
expires: Tue, 02 Mar 2021 07:46:36 GMT

GET
H2 200 3ieQDEL7orqb_640x360.jpg
static-3.bitchute.com/live/cover_images/hSiUinUJE4LJ/ 17 KB
17 KB 71ms
68ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/hSiUinUJE4LJ/3ieQDEL7orqb_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

abc7d329823f6916679b9cf735e8d9dcade4ec3faf23ed2369af10426c77b21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 632
x-amz-request-id: tx00000000000001f8b6d72-0060179a4b-43ba6e0-nyc3a
cdn-cachedat: 2021-02-01 07:06:03
cdn-pullzone: 89010
content-length: 16941
last-modified: Mon, 01 Feb 2021 05:40:43 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 8228366d32fe227cc77922459222fedf
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 marktaylor2_si(5).jpg
img.beforeitsnews.com/contributor/upload/106013/images/ 23 KB
23 KB 26ms
23ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/marktaylor2_si(5).jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a70b62ad71ea4dc6182823f20956a07bb69723c695c2b9458c1a5b78e707cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 120432
cf-polished: origSize=25694, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23461
cf-request-id: 086f73c5080000dfebe2b2c000000001
last-modified: Fri, 12 Jun 2020 14:26:34 GMT
server: cloudflare
etag: "5ee3909a-645e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 21 Feb 2022 22:19:24 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f5581ad54dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 vaccinate-cattle.jpg
img.beforeitsnews.com/contributor/upload/724569/images/ 37 KB
37 KB 31ms
30ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/724569/images/vaccinate-cattle.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efa50f84be24d2b5f9e1ccb57fdf442aa6768ca2be24cc49e7c0f7c4294b0551

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 641228
cf-polished: origSize=43304, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38067
cf-request-id: 086f73c5080000dfebc211c000000001
last-modified: Mon, 15 Feb 2021 20:48:49 GMT
server: cloudflare
etag: "602ade31-a928"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 15 Feb 2022 21:39:28 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f5581ad56dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 qO9ujJBAAIWY2iErrhjBhzgW_640x360.jpg
static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/ 42 KB
42 KB 74ms
71ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/rzUd1ovwJXug/qO9ujJBAAIWY2iErrhjBhzgW_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

ad95e2ac06cacb286e37d1b25733cb20f483641b0e40cd4dba1ac90622ecae19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000002989ee17-00602e9497-43ba6e0-nyc3a
cdn-cachedat: 2021-02-18 17:23:52
cdn-pullzone: 89010
content-length: 42967
last-modified: Thu, 18 Feb 2021 16:12:16 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: c53352a0486f8c2d3f70168e1bc41fe2
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 6eee6d36-a059-4b8a-81a1-80cbf6df49ab
s3.amazonaws.com/webseed-realvideo-thumbnail/poster/ 1 MB
1 MB 460ms
127ms Image
image/png 52.217.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/webseed-realvideo-thumbnail/poster/6eee6d36-a059-4b8a-81a1-80cbf6df49ab
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.102.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44d099bcfc89d6a5da7095c2a72d759ea5db764faa80a350dad3f78b6d12da82

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 07:46:37 GMT
Last-Modified: Mon, 11 Jan 2021 18:03:27 GMT
Server: AmazonS3
x-amz-request-id: BDA5A8CEF1BBB262
ETag: "a83b0de281890d95712ec5506a4b7593"
x-amz-meta-optimized: true
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1216662
x-amz-id-2: DSefwjmxuuhvSzmc08ITKAHkSfMO0xWTxcDMPU74MGAayZsMDh1rdOiMD65xmSejjj7uY2wa9SM=

GET
H2 200 1_fHAGHMir_9BcVUTbLwE5iw.jpeg
img.beforeitsnews.com/contributor/upload/106013/images/ 59 KB
60 KB 22ms
22ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/106013/images/1_fHAGHMir_9BcVUTbLwE5iw.jpeg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c85991e770a9e46492b1c4ddb8a4dd90e1a7c2bb751b50e48c3b009bc9520f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 138575
cf-polished: origSize=64578, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60747
cf-request-id: 086f73c50b0000dfeba8b81000000001
last-modified: Sun, 21 Feb 2021 17:11:48 GMT
server: cloudflare
etag: "60329454-fc42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 21 Feb 2022 17:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f5581ad58dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 200528-remdesivir-miracle-drug.png
www.anhinternational.org/media/6651/ 274 KB
275 KB 50ms
17ms Image
image/png 2606:4700:3032::ac43:b25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.anhinternational.org/media/6651/200528-remdesivir-miracle-drug.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:b25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f338859d4b3b498906d8a586aa0e5f3525e5a4e3584f95b7d6b2bf213491f927

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 301
vary: Accept-Encoding
content-length: 280276
cf-request-id: 086f73c53d00004a560b994000000001
last-modified: Thu, 28 May 2020 10:55:11 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "28d59d75de34d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=10886400; preload
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wQEf41NYhWwjGDdkormFVXoRqNvaYoq0%2B3G3JsICwIjpwj2If4NL62sSIqWan%2BBabu9MFEmyu%2BEV8ALk2eG7P0oHVFmHPhv8vBcWL82sy86xqFKTE%2FB75ffli32Gy9CdSI5NNl4%3D"}]}
content-type: image/png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
accept-ranges: bytes
cf-ray: 625f5581f8f84a56-FRA

GET
H2 200 p8mpmJyrgn6Tqz8r3Hat90hX_640x360.jpg
static-3.bitchute.com/live/cover_images/2m4a3NgD19fe/ 35 KB
36 KB 72ms
68ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/2m4a3NgD19fe/p8mpmJyrgn6Tqz8r3Hat90hX_640x360.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

c8a3a8998456680357127ef5b8b14e940b671ea39dd82f03f1c49c514631f9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 601
x-amz-request-id: tx00000000000001f273b4f-006016c85b-43ba6e0-nyc3a
cdn-cachedat: 2021-01-31 16:10:19
cdn-pullzone: 89010
content-length: 36106
last-modified: Sun, 31 Jan 2021 14:29:14 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: f6d7be0fe68ea6c9bf537a5de1d55b13
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 fossil-coelacanth-800x400.jpg
www.port.ac.uk/-/media/images/news-events-and-blogs/news/2021/february/ 61 KB
61 KB 57ms
23ms Image
image/jpeg 2a02:e980:1fe::ad
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.port.ac.uk/-/media/images/news-events-and-blogs/news/2021/february/fossil-coelacanth-800x400.jpg?h=400&la=en&w=800&hash=47591FEB019978C1667C0F576C3B4E28728B6E37
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:1fe::ad , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d42ac7dfc883f0ab7b0c8a4f33b09faab6bc8380ff3db796f300af6acb5196f5

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:35 GMT
last-modified: Mon, 15 Feb 2021 10:23:14 GMT
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-11635805-0 0CNN RT(1614066395651 0) q(0 -1 -1 9) r(0 -1)
cache-control: max-age=556434, public
content-length: 62310
expires: Mon, 01 Mar 2021 18:20:29 GMT

GET
H3-Q050 200 maxresdefault.jpg
i.ytimg.com/vi/XSOC3KDrj2E/ 137 KB
138 KB 40ms
24ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/XSOC3KDrj2E/maxresdefault.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

072338776bc53654ed614f094cc7995fc6aedb75d412dbaffdb10536357f7443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 06:08:58 GMT
x-content-type-options: nosniff
server: sffe
age: 5858
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140756
x-xss-protection: 0
expires: Tue, 23 Feb 2021 08:08:58 GMT

GET
H2 200 image.imageformat.fullwidth.1082706575%2B%25281%2529.jpg
1.bp.blogspot.com/-jxIK0LF1TqE/YC5ocN7AmJI/AAAAAAAB1xE/OKI1kWjO13ou1YWFv3Q_wA1WoKaaems1QCLcBGAsYHQ/w640-h294/ 27 KB
27 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-jxIK0LF1TqE/YC5ocN7AmJI/AAAAAAAB1xE/OKI1kWjO13ou1YWFv3Q_wA1WoKaaems1QCLcBGAsYHQ/w640-h294/image.imageformat.fullwidth.1082706575%2B%25281%2529.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b60ca40efec2a003e29f273d9b67f69c87bcc91a84f1014ccd31efd15eae5b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:12:29 GMT
x-content-type-options: nosniff
age: 2047
content-disposition: inline;filename="image.imageformat.fullwidth.1082706575 (1).jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27500
x-xss-protection: 0
server: fife
etag: "v1d712"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 24 Feb 2021 07:12:29 GMT

GET
H2 200 1613576095855.jpg
1.bp.blogspot.com/-OsJTPgwPd8Q/YC5tc8kj8jI/AAAAAAAB1xQ/BQBEdZuWDvY4e1mmB61evVyjgRIIytWuQCLcBGAsYHQ/w640-h480/ 186 KB
186 KB 22ms
10ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-OsJTPgwPd8Q/YC5tc8kj8jI/AAAAAAAB1xQ/BQBEdZuWDvY4e1mmB61evVyjgRIIytWuQCLcBGAsYHQ/w640-h480/1613576095855.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d235575d4c8eaa3fe8180eb54fa86aba26c932603153d88bb4a9d0b4ae2fa7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:34:12 GMT
x-content-type-options: nosniff
age: 744
content-disposition: inline;filename="1613576095855.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190417
x-xss-protection: 0
server: fife
etag: "v1d715"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 24 Feb 2021 07:34:12 GMT

GET
H2 200 A_Money_A1234.jpg
img.beforeitsnews.com/contributor/upload/428376/images/ 23 KB
23 KB 26ms
26ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/428376/images/A_Money_A1234.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bf3479f377f35625cdf4cd09e240522083af64f40dc39544d7c147e61c09aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 51135
cf-polished: origSize=25189, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23556
cf-request-id: 086f73c5440000dfebb8a8a000000001
last-modified: Sat, 23 Jan 2021 02:32:54 GMT
server: cloudflare
etag: "600b8ad6-6265"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 17:34:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f55820da8dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 spinothumbnail-500x500.jpg
news.harvard.edu/wp-content/uploads/2020/02/ 38 KB
38 KB 141ms
15ms Image
image/jpeg 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.harvard.edu/wp-content/uploads/2020/02/spinothumbnail-500x500.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e5ac7cf40b4f543683466d88df4b2b8e8b3dd62100c2a79025aef8d7ec6afcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
etag: "5f34fb09-9824"
age: 832478
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-length: 38948
x-served-by: cache-mdw17378-MDW, cache-fra19132-FRA
last-modified: Thu, 13 Aug 2020 08:34:17 GMT
server: nginx
x-timer: S1614066397.632675,VS0,VE1
date: Tue, 23 Feb 2021 07:46:36 GMT
content-type: image/jpeg
x-styx-req-id: fde8c202-6e18-11eb-bf59-129971926bc2
expires: Mon, 14 Feb 2022 16:31:58 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe4-b-649d688684-g9bm2

GET
H/1.1 200
OK stonehenge.jpg
www.ucl.ac.uk/news/sites/news/files/styles/large_image/public/ 71 KB
71 KB 419ms
44ms Image
image/jpeg 144.82.250.24
JANET Jisc Servic...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ucl.ac.uk/news/sites/news/files/styles/large_image/public/stonehenge.jpg?itok=-BB3v7Ow

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.82.250.24 , United Kingdom, ASN786 (JANET Jisc Services Limited, GB),

Reverse DNS

wwwr-02-188-d04-vip.ucl.ac.uk

Software

Resource Hash

c64b23467e6c66bc8774369d870a4df94f72369f68478bd2be51e43fefd60816

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 00:46:46 GMT
Via: 1.1 www.ucl.ac.uk
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 15:27:21 GMT
Age: 25191
ETag: "11a3f-5bb1127e8fd3b"
X-Frontend: wwwr-a.ucl.ac.uk
Content-Type: image/jpeg
Cache-Control: max-age=9600, public
Connection: close
Accept-Ranges: bytes
Content-Length: 72255

GET
H2 200 4xgyce.jpg
i.imgflip.com/ 73 KB
74 KB 88ms
38ms Image
image/jpeg 104.18.64.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4xgyce.jpg
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.64.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9085b891c960343c10190f47bcaf7cbcd8981e03c949a3da7bfe3791bef56215

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cf-cache-status: HIT
age: 1098461
cf-polished: origSize=75243
cf-ray: 625f55828b317373-CPH
content-length: 74699
x-amz-id-2: khezwfRUgQzkNChEmdzVs6m7f3Ihno+vEoOTzgMJKiNg7qAzGt8oScIe+8IvZxmWl7E5PjZonhI=
last-modified: Wed, 10 Feb 2021 14:32:55 GMT
server: cloudflare
etag: "5e6dfead8514a48099f296923930b304"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 323DA88B04318FEF
access-control-allow-origin: *
expires: Fri, 21 Feb 2031 07:46:36 GMT
cache-control: public, max-age=315360000
cf-request-id: 086f73c59900007373bea24000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 9pluIJkq24JQ_320x180.jpg
static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/ 8 KB
9 KB 50ms
50ms Image
image/jpeg 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/n78PbEkvWx2g/9pluIJkq24JQ_320x180.jpg

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-723 /

Resource Hash

c4b158ed9fbcb3065871a2c777591fecf99b79ec119e3d930e3e00e51f934025

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
cdn-edgestorageid: 632
age: 0
cdn-cachedat: 2021-02-20 02:29:19
cdn-pullzone: 89010
content-length: 8464
x-amz-request-id: tx00000000000002a8980da-00603065ef-43b5652-nyc3a
last-modified: Sat, 20 Feb 2021 01:07:00 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control: public, max-age=31919000
cdn-requestid: 4c6cd9f79068d6f2e7d7b142355bc674
accept-ranges: bytes
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 Screen-Shot-2015-02-04-at-8.54.04-PM.png
stateofthenation2012.com/wp-content/uploads/2015/02/ 183 KB
184 KB 103ms
33ms Image
image/png 192.124.249.61
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateofthenation2012.com/wp-content/uploads/2015/02/Screen-Shot-2015-02-04-at-8.54.04-PM.png

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.61 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

237c32bc1bf3da03baf0333fda0e4ec7d8a5c9d0cfdc4e90443cadbb660520e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
x-content-type-options: nosniff, nosniff
x-cacheable: YES
x-backend: all_requests
age: 239850
x-cache: cached
x-sucuri-cache: HIT
content-length: 187812
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 14 Mar 2015 15:18:52 GMT
server: nginx
etag: "2dda4-5114122720f00"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19011
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 100 KB
32 KB 47ms
14ms Script
text/javascript 2600:9000:2127:d600:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:d600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 414d8b428bdb05db9e520b23c7855cb14d5eee21007b4492d7f151f46ffd0f3a

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:44:32 GMT
content-encoding: gzip
age: 124
etag: W/"1911a-/9PKm40I201/anLlzkWA79nhAcc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 a1c66294cb416b399374a845b97656d3.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: kn4FX3XZvA2xZxoVw6MtyBbOU0uZAAhu4wYKEC3RXLCdmL-XraoWwA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 26ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbf6ab527a3928c80bb04a99ea3c9d5067dd8d7beb492849b7ccd29765d5d34d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39288
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Feb 2021 07:46:36 GMT

GET
H2 200 tabs-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 148 B
615 B 30ms
21ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/tabs-bin-rev-20210219.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316844
cf-polished: origSize=189
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c5070000dfebda171000000001
last-modified: Fri, 19 Feb 2021 15:31:53 GMT
server: cloudflare
etag: W/"602fd9e9-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 625f5581ad4adfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 158ms
53ms Script
text/javascript 65.9.20.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.109 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 16:57:20 GMT
via: 1.1 43bd2d4908cb8542cdbe4153b40c694b.cloudfront.net (CloudFront)
last-modified: Sat, 20 Feb 2021 16:57:06 GMT
server: AmazonS3
age: 53364
etag: "434a3d44a3079aedd890448838582f6c"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 11415
x-amz-cf-id: f6tLOMg0cXoPEzh9IzBXu9w8O5KuGikP4AJt7oSkq6Gg3F8gN3oCOQ==

GET
H2 200 global-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 18 KB
5 KB 32ms
25ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af54c50c8c81bb5de6f8460e58f66372a414cf89628038ef7afc9dd3f49bf50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316844
cf-polished: origSize=18742
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c5070000dfebcf1dd000000001
last-modified: Fri, 19 Feb 2021 15:31:50 GMT
server: cloudflare
etag: W/"602fd9e6-4936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: max-age=31536000, must-revalidate
cf-ray: 625f5581ad4ddfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:52 GMT

GET
H2 200 jquery-fancybox-mobiledetect-uuid.js Show response
beforeitsnews.com/static/js-v3/ 146 KB
54 KB 34ms
27ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1708878
cf-polished: origSize=149701
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c5070000dfebe53d6000000001
last-modified: Fri, 25 Dec 2020 03:29:55 GMT
server: cloudflare
etag: W/"5fe55cb3-248c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 625f5581ad4fdfeb-FRA
expires: Wed, 10 Feb 2021 13:05:17 GMT

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/5a096a9f/ Frame 11D6 340 KB
51 KB 11ms
8ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4PSg23TeK20

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57662
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52112
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:45:34 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/ Frame 11D6 157 KB
57 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4PSg23TeK20

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2de1ffe42871dbd7ab4adc416dd748b02273bd68e43255631d8e4fad6330045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57632
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58387
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:46:04 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame 11D6 2 MB
496 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4PSg23TeK20

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3995cf4a71263d70b3354acf1c649038c18eaf289e4287b8cb8e2063df5f2901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57521
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 508012
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:47:55 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/5a096a9f/fetch-polyfill.vflset/ Frame 11D6 8 KB
3 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4PSg23TeK20

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57632
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:46:04 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 11D6 10 KB
11 KB 41ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4PSg23TeK20

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 16:25:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 55285
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Tue, 22 Feb 2022 16:25:11 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 11D6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
1 KB

126ms
112ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4PSg23TeK20

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34d736a8fcf1d2ac4fca42302365ae0d8e3106cff1d9bfa8ffaf2af859957c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 Feb 2021 07:46:36 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 11D6 29 B
113 B 5ms
5ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:45:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 72
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 23 Feb 2021 08:00:24 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame 11D6 95 KB
31 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb1da869f11de5f6d41770efeafe33cb06aa4540f13ce665a29aefcf0fe5cdad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57521
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32207
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:47:55 GMT

GET
H2 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
www.google.com/js/bg/ Frame 11D6 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 259361
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Sun, 20 Feb 2022 07:43:55 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame 11D6 29 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88876f6627eed8149d59d1c99b86ec067acb99904d2be968045c4ecf3440306d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57521
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9676
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:47:55 GMT

GET
DATA 200
OK truncated
/ Frame 11D6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnhaJ9Jkon2k92gvsq-hZMcI0SD1K7p3tAxcHNgBEw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 11D6 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhaJ9Jkon2k92gvsq-hZMcI0SD1K7p3tAxcHNgBEw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4PSg23TeK20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3925480b47b3942357ce9fe71b56e2f558b7ecb63dec1b651d42d333feedc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 06:41:20 GMT
x-content-type-options: nosniff
age: 3916
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2582
x-xss-protection: 0
server: fife
etag: "v121"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 24 Feb 2021 02:40:21 GMT

GET
H3-Q050 200 sddefault.webp
i.ytimg.com/vi_webp/4PSg23TeK20/ Frame 11D6 17 KB
17 KB 7ms
6ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/4PSg23TeK20/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4PSg23TeK20

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e7569403d1a2fb6ab1150da52147d1c17285e518901423fd0b853bda020bc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:10 GMT
x-content-type-options: nosniff
server: sffe
age: 26
etag: "1614047248"
vary: Origin
content-type: image/webp
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17176
x-xss-protection: 0
expires: Tue, 23 Feb 2021 07:51:10 GMT

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 15E1 67 KB
24 KB 130ms
129ms Script
application/javascript 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=156

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vbgsjb/?pub=hw409

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

nginx /

Resource Hash

b281ad27f364870c796484abb0200415eaee3e6c8ecc3e118007a960c5de53e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vbgsjb/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: br
last-modified: Mon, 22 Feb 2021 20:31:21 GMT
server: nginx
etag: W/"60341499-10b89"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 ZOoAb.OvCc-small-Bill-Gates-Now-Says-A-Third.jpg
i.rmbl.ws/s8/1/Z/O/o/A/ Frame 15E1 60 KB
60 KB 111ms
29ms Image
image/jpeg 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.rmbl.ws/s8/1/Z/O/o/A/ZOoAb.OvCc-small-Bill-Gates-Now-Says-A-Third.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbgsjb/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F78A) /
Resource Hash: cc72c12855f4a120e4b586dcc7b589ec2691fb300fdf362f413b9945c82dab5d

Request headers

Referer: https://rumble.com/embed/vbgsjb/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
last-modified: Mon, 22 Feb 2021 21:16:13 GMT
server: ECAcc (ska/F78A)
age: 37793
etag: "635504946"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 61172
expires: Wed, 23 Feb 2022 07:46:36 GMT

GET
H2 206 ZOoAb.caa.1.mp4
i.rmbl.ws/s8/2/Z/O/o/A/ Frame 15E1 64 KB
0 138ms
62ms Media
video/mp4 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://i.rmbl.ws/s8/2/Z/O/o/A/ZOoAb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbgsjb/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F68B) /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbgsjb/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
last-modified: Mon, 22 Feb 2021 21:41:19 GMT
server: ECAcc (ska/F68B)
age: 36232
etag: "4061246491"
x-cache: HIT
content-type: video/mp4
Content-Range: bytes 0-359644862/359644863
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 359644863
expires: Tue, 23 Feb 2021 07:46:35 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 11D6 4 KB
2 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Tue, 23 Feb 2021 07:46:36 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 11D6 0
38 B 7ms
5ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?RE0F8g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/4PSg23TeK20
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/4PSg23TeK20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:36 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 15E1 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/embed/vbgsjb/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6240
date: Tue, 23 Feb 2021 06:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Feb 2021 08:02:36 GMT

POST
H2 200 view...bgsjb.zjm9jz
rumble.com/l/ Frame 15E1 35 B
191 B 135ms
135ms Other
image/gif 169.59.64.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...bgsjb.zjm9jz?p=2.3&r=79283198&ref=https%3A%2F%2Fbeforeitsnews.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=156

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://rumble.com/embed/vbgsjb/?pub=hw409
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 23 Feb 2021 07:46:37 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H2 206 ZOoAb.caa.1.mp4
i.rmbl.ws/s8/2/Z/O/o/A/ Frame 15E1 5 MB
5 MB 234ms
234ms Media
video/mp4 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://i.rmbl.ws/s8/2/Z/O/o/A/ZOoAb.caa.1.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vbgsjb/?pub=hw409
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F68B) /
Resource Hash: 179be95aa7c0cb318bc64f19bf278b564f1c32234c103ca219f13dc17f7ac2cf

Request headers

Referer: https://rumble.com/embed/vbgsjb/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=354189312-

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
last-modified: Mon, 22 Feb 2021 21:41:19 GMT
server: ECAcc (ska/F68B)
age: 36233
etag: "4061246491"
x-cache: HIT
content-type: video/mp4
Content-Range: bytes 354189312-359644862/359644863
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 5455551
expires: Tue, 23 Feb 2021 07:46:36 GMT

GET
H2 206 ZOoAb.caa.1.mp4
i.rmbl.ws/s8/2/Z/O/o/A/ Frame 15E1 128 KB
0 27ms
27ms Media
video/mp4 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://i.rmbl.ws/s8/2/Z/O/o/A/ZOoAb.caa.1.mp4?u=0&b=0
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F68B) /
Resource Hash

Request headers

Referer: https://rumble.com/embed/vbgsjb/?pub=hw409
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
last-modified: Mon, 22 Feb 2021 21:41:19 GMT
server: ECAcc (ska/F68B)
age: 36233
etag: "4061246491"
x-cache: HIT
content-type: video/mp4
Content-Range: bytes 0-359644862/359644863
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 359644863
expires: Tue, 23 Feb 2021 07:46:36 GMT

GET
H2 200 beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame 90A6 247 KB
66 KB 103ms
34ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211237
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2679778b93df6e744375df15a0cf3bf725c05682ab914436cc1ef9d89b35ec74

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 5898
cf-polished: origSize=253315
last-modified: Sat, 20 Feb 2021 08:09:51 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5538E5BC7F9773F6
x-amz-id-2: ex2MHy5DUHPUEZLEBoLEsRY0dQgoeyNarugPLh+GKiElhiuyp8fulwnDPkiVMEsZ8taP9bnXcxg=
cf-bgj: minify
server: cloudflare
etag: W/"c8425c1278d026f965f543ad66c480c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 086f73c968000010adec1d1000000001
cf-ray: 625f5588af4810ad-CPH
expires: Tue, 23 Feb 2021 10:46:37 GMT

GET
H2 200 beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 9C6D 246 KB
66 KB 146ms
81ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211237
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 581d0975297fd9b7d3a036c32225c5235bf6a0f17d59eb38ca545ede64bbdfa1

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 5898
cf-polished: origSize=251915
last-modified: Sat, 20 Feb 2021 08:09:34 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 51BDA582B0B7533E
x-amz-id-2: n6NMCDT7Yayo8SEDtDTW6B3lBrTplKknmyAV0tBi3yIAnUyTAN0Dn1F3NdnCnI2vYYJBzeUHuqg=
cf-bgj: minify
server: cloudflare
etag: W/"f9c8dae3ec349f95b26e97f99e584432"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 086f73c969000010ad39817000000001
cf-ray: 625f5588af4a10ad-CPH
expires: Tue, 23 Feb 2021 10:46:37 GMT

GET
H2 200 / Show response
s.tradingview.com/embed-widget/ticker-tape/ Frame 4F22 20 KB
7 KB 493ms
360ms Document
text/html 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

26a162d9a9077372e791b2f09e453dc2e36ffe21783184c9867ee3eaec9fe3b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://rum-static.pingdom.net/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://www.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-CLDgRarahBqtn4ea'; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.tradingview.com
:scheme: https
:path: /embed-widget/ticker-tape/?locale=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
date: Tue, 23 Feb 2021 06:57:38 GMT
expires: Tue, 23 Feb 2021 07:57:38 GMT
cache-control: max-age=3600
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://rum-static.pingdom.net/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://www.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-CLDgRarahBqtn4ea'; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: 9ex1jwXZx1OCODq_RqrI7pPuHgCG1FhhSdebw4iK1U_j6piA_e03Og==
age: 2939

POST
H/1.1 200
OK count.php Show response
ajax.beforeitsnews.com/core/ajax/counter/ 15 B
618 B 533ms
190ms XHR
text/html 64.62.227.19
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/counter/count.php

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.19 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

7ad44da673aa6ca75660e2e45e49e9076c188798058632919c3bc8b5db2fec25

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 23 Feb 2021 07:46:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 jsDynamic-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 7 KB
2 KB 25ms
23ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724d7b74367497bb10c46d55c5490246031ae83559b82b20d6199508674b8202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316855
cf-polished: origSize=7634
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c9600000dfebaaa09000000001
last-modified: Fri, 19 Feb 2021 15:31:52 GMT
server: cloudflare
etag: W/"602fd9e8-1dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 625f55889c22dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:42 GMT

GET
H2 200 responsive-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 2 KB
777 B 23ms
22ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/responsive-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316855
cf-polished: origSize=1728
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c9640000dfebaaa0a000000001
last-modified: Fri, 19 Feb 2021 15:31:52 GMT
server: cloudflare
etag: W/"602fd9e8-6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 625f55889c24dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:42 GMT

GET
H2 200 validate-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 6 KB
2 KB 23ms
22ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/validate-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316855
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c9610000dfeb1d1cd000000001
last-modified: Fri, 19 Feb 2021 15:31:54 GMT
server: cloudflare
etag: W/"602fd9ea-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 625f55889c27dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:45:42 GMT

GET
H2 200 loadmore-bin-rev-20210219.js Show response
beforeitsnews.com/static/js-v3/ 14 KB
3 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-20210219.js

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 316907
cf-polished: origSize=14745
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c9610000dfebe98ee000000001
last-modified: Fri, 19 Feb 2021 15:31:52 GMT
server: cloudflare
etag: W/"602fd9e8-3999"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cache-control: private, max-age=31536000, must-revalidate
cf-ray: 625f55889c28dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
expires: Fri, 26 Feb 2021 15:44:50 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

c7172af71f54b3398cf15442ad943f001b1d8386215a68264c026b15888c87d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iu-3%20(36).jpg
img.beforeitsnews.com/contributor/upload/724569/images/ 24 KB
25 KB 20ms
19ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.beforeitsnews.com/contributor/upload/724569/images/iu-3%20(36).jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06ac7edeb319936300123014e79a92feb471b58803b10d87fd5a2fb05444bb68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 109304
cf-polished: origSize=30764, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25045
cf-request-id: 086f73c9720000dfeb08a40000000001
last-modified: Mon, 22 Feb 2021 00:15:22 GMT
server: cloudflare
etag: "6032f79a-782c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 01:24:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 625f5588bc40dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 5f2c559be7229f0012f31c92.js Show response
buttons-config.sharethis.com/js/ 1 KB
873 B 37ms
12ms Script
text/javascript 2600:9000:2127:fe00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f2c559be7229f0012f31c92.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:fe00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:22 GMT
content-encoding: gzip
etag: W/"321dc6041bb0ea183e662f402b588149"
last-modified: Thu, 06 Aug 2020 20:50:47 GMT
server: AmazonS3
age: 63
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: WBp7GblE0468VFljKd-yhGOds8WQQcWa0Wu6n6mE5d24qSWUqrMVfg==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 53ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6241
date: Tue, 23 Feb 2021 06:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Feb 2021 08:02:36 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 2405 2 KB
1 KB 36ms
10ms Document
text/html 2600:9000:2127:d800:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:d800:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Tue, 23 Feb 2021 07:43:54 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: WEmJNPBUEnsSKDHGYDun94ef0HtClHTpCJd5AB6RUIhwYJlf4xLdpA==
age: 163

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 106ms
28ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-20210219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 20:37:43 GMT
server: nginx
etag: W/"14f4-177cb764b7a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

GET
H/1.1 200
OK get_banners_direct.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/ 1 KB
1 KB 496ms
166ms XHR
text/html 64.62.227.19
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_banners/get_banners_direct.php?type=on_regular_page&_=1614066397617

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.19 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

8d9bffaac9b1bd6cc921971b3f967b954b1eb1aed610cdf11cf3651e4443f5ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 07:46:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 39ms
22ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2062
etag: W/"b952f25ea8995726c8678b65dfe57a51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 625f5589497f16ee-FRA
cf-request-id: 086f73c9cf000016ee8e850000000001
expires: Tue, 23 Feb 2021 08:46:37 GMT

GET
H/1.1 200
OK get_items_to_show.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/ 63 KB
7 KB 496ms
167ms XHR
text/html 64.62.227.19
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1614066397619

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.19 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

0e6db22536ccf678ce0ea24ab7836e19383fdc18520b11bf6445e4c8aaeee625

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 07:46:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 get-most-recent-stories-list.php Show response
beforeitsnews.com/v3/recent/ 14 KB
3 KB 609ms
609ms XHR
text/html 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beforeitsnews.com/v3/recent/get-most-recent-stories-list.php?_=1614066397619

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d16c6b94e2a39d2fa4a1571dac6e98ecd8a8738f8d8c46fbdfe5a5b632afebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
access-control-max-age: 3628800
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73c9b50000dfebb5249000000001
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 625f55892cd5dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H/1.1 200
OK carousel.php Show response
ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/ 2 KB
1 KB 500ms
168ms XHR
text/html 64.62.227.19
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.beforeitsnews.com/core/ajax/contributor/v3_ads_videos_rotating/carousel.php?_=1614066397620

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.62.227.19 San Jose, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

76afa64166a8fa896379f5e72cabf86e9cd3fcf845a526aca5ef93b7b128d36e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 07:46:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3628800
Cache-control: private
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1112
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 23 Feb 2021 08:28:05 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2537
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 23 Feb 2021 08:04:20 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 6513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 086f73ca1d000010adfb01b000000001
cf-ray: 625f5589c92b10ad-CPH

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:38:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 338889
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Sat, 19 Feb 2022 09:38:28 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beforeitsnews.com
Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:38:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 338889
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Sat, 19 Feb 2022 09:38:28 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 1 KB
1 KB 55ms
54ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=334&cols=1&pv=5&cbuster=1614066397828296897036&uniqId=17071&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=1&pvid=177cddab285a3ac04a0&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a680689e4e29a9a2d0626a0c3c05656c9e326f0fb117c9f2b05d478b252f9c37

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 625f558a8a9d10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73ca91000010ad42367000000001

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20201130_00/e/js/element/ 243 KB
87 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40523
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88693
x-xss-protection: 0
last-modified: Mon, 30 Nov 2020 10:52:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 20:31:14 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
189 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1523484305&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=739055043&gjid=320013259&cid=72590407.1614066398&tid=UA-16055024-1&_gid=395671505.1614066398&_r=1&gtm=2ou2a1&z=4807605

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 10864438442185062 Show response
lockerdome.com/lad/ Frame 46C4 1 KB
2 KB 650ms
164ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Tue, 23 Feb 2021 07:46:38 GMT

GET
H/1.1 200
OK 10864440455450982 Show response
lockerdome.com/lad/ Frame 5927 1 KB
2 KB 651ms
165ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Tue, 23 Feb 2021 07:46:38 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 130ms
32ms XHR
text/plain 52.29.155.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=beforeitsnews.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fbeforeitsnews.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Before%20It%27s%20News%20%7C%20People%20Powered%20News&cms=unknown&publisher=5f2c559be7229f0012f31c92&embeds_csv=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4PSg23TeK20&sop=true&bsamesite=true&consent_cookie_duration=327&consent_duration=327&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Before%20It%27s%20News%C2%AE%20is%20a%20community%20of%20individuals%20who%20report%20on%20what%27s%20going%20on%20around%20them%2C%20from%20all%20around%20the%20world.%20You%20can%20join%20to%20Contribute%20News%20and%20Comments.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.155.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 07:46:38 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://beforeitsnews.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-16055024-1&cid=72590407.1614066398&jid=739055043&gjid=320013259&_gid=395671505.1614066398&_u=IEBAAUAAAAAAAC~&z=2054674826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Feb 2021 07:46:37 GMT
content-type: text/plain
access-control-allow-origin: https://beforeitsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 3 KB
2 KB 55ms
54ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=370&h=1094&cols=1&pv=5&cbuster=1614066397904535066157&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F&pageView=0&pvid=177cddab2d0a9a1d142&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d6fc3d1457c30c5a89ff8320a499cbcdd0a7ec66b32b88c731f69c152d01f7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 625f558afb8710ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73cadc000010adc72ee000000001

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
864 B 23ms
23ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 6513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 086f73caf8000010ad4236e000000001
cf-ray: 625f558b2be810ad-CPH

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
781 B 67ms
58ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=161406639793934178241
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db4602c0a421abb81b313b76ee5b2988aa0970baf3eb08bfcb5bef3b1855fbe

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3bdc79df-f354-4e8b-9eb7-128428fc13ee
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 625f558b3c1c10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73cb07000010ad2f3ef000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 98A9 19 B
317 B 76ms
72ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1614066397944216977913
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3f6f7a50-d2f7-47e2-96dd-72508bd1e62d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 625f558b3c2010ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73cb07000010ad04a88000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x328/88x0x631x420/ 15 KB
15 KB 37ms
35ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193504/492x328/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1614066397-w5fTcHI9JFoH-NurLp05qRKC7fh8DQ8jdIPSJ3W6xxs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714e4b742a1ddc3565cfb472ac59b37a1bc03dd471e5d51a13647bfced2dbf5c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
cf-cache-status: HIT
x-mg-request-uuid: b9a46d08-3127-4ba0-89bd-6b0bdb9592e6
age: 1124442
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15046
cf-request-id: 086f73cb07000010ad03bc2000000001
last-modified: Wed, 10 Feb 2021 07:15:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558b3c2410ad-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x328/88x0x631x420/ Frame 90A6 15 KB
15 KB 33ms
32ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193504/492x328/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1614066397-w5fTcHI9JFoH-NurLp05qRKC7fh8DQ8jdIPSJ3W6xxs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714e4b742a1ddc3565cfb472ac59b37a1bc03dd471e5d51a13647bfced2dbf5c

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:37 GMT
cf-cache-status: HIT
x-mg-request-uuid: b9a46d08-3127-4ba0-89bd-6b0bdb9592e6
age: 1124442
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15046
cf-request-id: 086f73cb08000010adcbaa0000000001
last-modified: Wed, 10 Feb 2021 07:15:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558b3c2610ad-CPH

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 46ms
32ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-16055024-1&cid=72590407.1614066398&jid=739055043&_u=IEBAAUAAAAAAAC~&z=1222718786

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-16055024-1&cid=72590407.1614066398&jid=739055043&_u=IEBAAUAAAAAAAC~&z=1222718786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 54ms
40ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 09:08:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 81463
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Tue, 22 Feb 2022 09:08:55 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 5CC6 18 KB
4 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1113
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 23 Feb 2021 08:28:05 GMT

GET
H3-Q050 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 49ms
39ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:14:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 59555
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:14:03 GMT

GET
H3-Q050 200 cleardot.gif
www.google.com/images/ 43 B
124 B 14ms
14ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 26ms
25ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 6514
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 086f73cb5f000010ad42374000000001
cf-ray: 625f558bccf910ad-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp
s-img.mgid.com/g/8164835/492x277/0x91x1080x720/ 12 KB
12 KB 29ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164835/492x277/0x91x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp?v=1614066397-GLNso8kxdCZw8R_6l34Glrm0-QhrB4O52HKHw8Rv_c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505864f9436def05580211dd30d70e6c5dfd59b7c3b65a900687004174e25975

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: eeecd54e-64aa-4fdd-be34-3d828772ec55
age: 1286307
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12586
cf-request-id: 086f73cb6d000010adfa3da000000001
last-modified: Mon, 08 Feb 2021 10:20:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558bed1e10ad-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x277/0x0x1081x720/ 11 KB
11 KB 30ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1614066397-nP-b3FMaYeJH-wPPK9FAy5hfKaL-GEnVoBeZXNJNNGk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b157d25b2620c6a59a6ed469adcc741ce36e24b7a134a466ab95bfece785c7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: 2cc41e5f-7148-4c9e-b3b6-a6b81ac70d71
age: 1286307
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10786
cf-request-id: 086f73cb6e000010addb05b000000001
last-modified: Mon, 08 Feb 2021 10:20:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558bed2310ad-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x277/0x311x684x456/ 13 KB
13 KB 33ms
32ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193525/492x277/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1614066397-zE_0L1yp068OA-KMZTxwATFfp_VLyMz-xU4bUKPlenw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aae7f67b0a890728d141dd89c222472429682a0f2fc6273eb92dfc2f58126d6

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: eaf15120-bd53-4115-abd7-2d1c1ff713ce
age: 1124391
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13282
cf-request-id: 086f73cb6e000010ad32aba000000001
last-modified: Wed, 10 Feb 2021 07:15:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558bed2510ad-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDUtMDgvMTAxOTI0Lzg4M2I2OGUyZGUyZDE3MWJmZTMyOWNjOTc3YjdiMGExLmpwZz90PTE1MjU4MzU3MTkzOTk.webp
s-img.mgid.com/g/8164904/492x277/0x0x1079x719/ 5 KB
5 KB 30ms
29ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164904/492x277/0x0x1079x719/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDUtMDgvMTAxOTI0Lzg4M2I2OGUyZGUyZDE3MWJmZTMyOWNjOTc3YjdiMGExLmpwZz90PTE1MjU4MzU3MTkzOTk.webp?v=1614066397-hCAmBFbBAvG87-UqXGhHRU0-a5MimtmHzJmPlNs9mm4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924bb860ba275232227964d72e9fd3192d9187f721bb0cb30a1e17289daa3965

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: 046bd486-1bd4-4a41-a2c3-9075d1a974cd
age: 1283065
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5352
cf-request-id: 086f73cb6e000010ad42375000000001
last-modified: Mon, 08 Feb 2021 10:20:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558bed2810ad-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp
s-img.mgid.com/g/8164835/492x277/0x91x1080x720/ Frame 9C6D 12 KB
12 KB 27ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164835/492x277/0x91x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp?v=1614066397-GLNso8kxdCZw8R_6l34Glrm0-QhrB4O52HKHw8Rv_c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505864f9436def05580211dd30d70e6c5dfd59b7c3b65a900687004174e25975

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: eeecd54e-64aa-4fdd-be34-3d828772ec55
age: 1286307
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12586
cf-request-id: 086f73cb6d000010ad332fe000000001
last-modified: Mon, 08 Feb 2021 10:20:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558bed2110ad-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x277/0x0x1081x720/ Frame 9C6D 11 KB
11 KB 34ms
33ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1614066397-nP-b3FMaYeJH-wPPK9FAy5hfKaL-GEnVoBeZXNJNNGk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b157d25b2620c6a59a6ed469adcc741ce36e24b7a134a466ab95bfece785c7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: 2cc41e5f-7148-4c9e-b3b6-a6b81ac70d71
age: 1286307
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10786
cf-request-id: 086f73cb6e000010ade6ad1000000001
last-modified: Mon, 08 Feb 2021 10:20:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558bed2410ad-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x277/0x311x684x456/ Frame 9C6D 13 KB
13 KB 25ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193525/492x277/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1614066397-zE_0L1yp068OA-KMZTxwATFfp_VLyMz-xU4bUKPlenw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aae7f67b0a890728d141dd89c222472429682a0f2fc6273eb92dfc2f58126d6

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: eaf15120-bd53-4115-abd7-2d1c1ff713ce
age: 1124391
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13282
cf-request-id: 086f73cb88000010ad070ca000000001
last-modified: Wed, 10 Feb 2021 07:15:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558c0d8a10ad-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDUtMDgvMTAxOTI0Lzg4M2I2OGUyZGUyZDE3MWJmZTMyOWNjOTc3YjdiMGExLmpwZz90PTE1MjU4MzU3MTkzOTk.webp
s-img.mgid.com/g/8164904/492x277/0x0x1079x719/ Frame 9C6D 5 KB
5 KB 25ms
24ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164904/492x277/0x0x1079x719/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDUtMDgvMTAxOTI0Lzg4M2I2OGUyZGUyZDE3MWJmZTMyOWNjOTc3YjdiMGExLmpwZz90PTE1MjU4MzU3MTkzOTk.webp?v=1614066397-hCAmBFbBAvG87-UqXGhHRU0-a5MimtmHzJmPlNs9mm4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924bb860ba275232227964d72e9fd3192d9187f721bb0cb30a1e17289daa3965

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: 046bd486-1bd4-4a41-a2c3-9075d1a974cd
age: 1283065
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5352
cf-request-id: 086f73cb89000010ad20817000000001
last-modified: Mon, 08 Feb 2021 10:20:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 625f558c0d8f10ad-CPH

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3ABE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

291 B
559 B

99ms
30ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=161406639793934178241
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://beforeitsnews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Feb 2021 07:46:38 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Tue, 23 Feb 2021 07:46:38 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e543eaeb-636b-4fd2-acd5-3c09873b18f2&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=61fe6e2f-cf28-481e-96d3-0adb910da14f&gdpr=&gdpr_consent=&us_privacy=

43 B
259 B

53ms
53ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=61fe6e2f-cf28-481e-96d3-0adb910da14f&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b6ade135-2751-4620-a6ab-7abdf63f8278
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 625f558f1a5210ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73cd6a000010adcdaf8000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=61fe6e2f-cf28-481e-96d3-0adb910da14f&gdpr=&gdpr_consent=&us_privacy=
date: Tue, 23 Feb 2021 07:46:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=3404807c-7f65-4f56-bd1c-42bb122d23fa&ttl=1616658398

43 B
243 B

53ms
53ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=3404807c-7f65-4f56-bd1c-42bb122d23fa&ttl=1616658398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 25aebbb9-a91b-41c0-987c-3ba5483c7539
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 625f558df88e10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73ccbb000010ad33314000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=3404807c-7f65-4f56-bd1c-42bb122d23fa&ttl=1616658398
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 127ms
80ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l1mBOKpePFKn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 625f558c3cf27367-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 086f73cba3000073670d2d4000000001

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l1mBOKpePFKn
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l1mBOKpePFKn
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=61fe6e2f-cf28-481e-96d3-0adb910da14f&gdpr=&gdpr_consent=

43 B
684 B

130ms
44ms

Image
image/gif

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=61fe6e2f-cf28-481e-96d3-0adb910da14f&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=61fe6e2f-cf28-481e-96d3-0adb910da14f&gdpr=&gdpr_consent=
date: Tue, 23 Feb 2021 07:46:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=McodVc1AhfJABslyOr1S&pi=mgid&tc=1

43 B
338 B

99ms
92ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=McodVc1AhfJABslyOr1S&pi=mgid&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c6f3d4bc-6e27-48b0-bd91-c7c4b24daf6f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 625f558d0efe10ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73cc22000010ad2f005000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=McodVc1AhfJABslyOr1S&pi=mgid&tc=1
pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT, Tue, 23 Feb 2021 07:46:38 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFtQk9LcGVQRktu&muidn=l1mBOKpePFKn
https://cm.mgid.com/google?muidn=l1mBOKpePFKn&google_ula={guid},5&google_gid=CAESEOE95coyUW7p4iPHNhitGQ0&google_cver=1

0
277 B

57ms
57ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l1mBOKpePFKn&google_ula={guid},5&google_gid=CAESEOE95coyUW7p4iPHNhitGQ0&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 625f558cdec410ad-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73cc0b000010ad070d3000000001

Redirect headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l1mBOKpePFKn&google_ula={guid},5&google_gid=CAESEOE95coyUW7p4iPHNhitGQ0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
623 B 102ms
55ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l1mBOKpePFKn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 07:46:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 625f558c6aca10c1-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086f73cbbe000010c13081a000000001

GET
H2 200 en.f7f94942ee35c540.js Show response
s.tradingview.com/static/localization/translations/ Frame 4F22 291 KB
48 KB 60ms
59ms Script
application/javascript 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.f7f94942ee35c540.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

8a2cdd0468e17f7a548dd21640dcadd36c104fda3ba47093ffa0e90faad22c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 10:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248100
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Sat, 20 Feb 2021 09:50:09 GMT
server: tv
etag: W/"6030db51-bb83"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: x0Ks1vqF9gPLNjytvZLNvh8wlW4iyXy4-rMpIARzy_RD0g5ECXY1og==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.c30008b99436f17ee7b7.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4F22 53 KB
20 KB 60ms
59ms Script
application/javascript 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.c30008b99436f17ee7b7.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

f7fcb3dd77ffeb9fa5bc524bccc249f684d79acbcffb69cfd342dd2b2d0a1348

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 15:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231118
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Sat, 20 Feb 2021 15:06:05 GMT
server: tv
etag: W/"6031255d-4b6c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: IdgRPeJ73gFQcPuIVI-D_Wjj-9ZOagreBhyUVYtUiDABSewPn2H-rA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.5a11590e919bbbbe7f2e.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4F22 381 KB
127 KB 57ms
56ms Script
application/javascript 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.5a11590e919bbbbe7f2e.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

8bd559dad13382260ef019f6a0807b9dd746bd6738a93bcbc77929041e0bb5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:55:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2494250
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 25 Jan 2021 10:39:17 GMT
server: tv
etag: W/"600e9fd5-1f798"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: IQ4Yc0Q04A79ClrGxCAuwstW9huuaJX8jbI8UKYRUkJFs3WUTNqYxQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.faf485809090fa85985f.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4F22 272 KB
80 KB 98ms
95ms Script
application/javascript 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.faf485809090fa85985f.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

6cec639559a0373f4611e9fd89bc1fdf23d88dc05cf29e0961f6c2c45df6f738

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://s.tradingview.com
Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 10:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248099
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Sat, 20 Feb 2021 09:50:13 GMT
server: tv
etag: W/"6030db55-13b18"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: R0wS2X6kvk8s2I-1dQXJymZSdyChmaJKKLpK1XhLcw7q3N4mv6eknw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.2d0a9a5ee605c85c6982.css
s.tradingview.com/static/bundles/embed/ Frame 4F22 2 KB
1 KB 96ms
95ms Stylesheet
text/css 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.2d0a9a5ee605c85c6982.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

61897b67e4ea870cfd90b2ec505005298f8e319b15f695547628a5e4635adac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 07:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7344750
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Fri, 27 Nov 2020 07:13:19 GMT
server: tv
etag: W/"5fc0a70f-3f4"
vary: Accept-Encoding
content-type: text/css
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: c9WsUWfDesb_tizSqp5HSWXgpJIKUNmyvrjnqlgbREJRJ5f_9VnNvQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_ticker_tape_widget.2e6202357fd3594485ce.css
s.tradingview.com/static/bundles/embed/ Frame 4F22 25 KB
5 KB 97ms
96ms Stylesheet
text/css 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.2e6202357fd3594485ce.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

3ea6931d41dff60efe83187d7c547a5b70422bf390ad5265b73e5be9c3623db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 11:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1716305
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Feb 2021 09:36:23 GMT
server: tv
etag: W/"601a6e97-1035"
vary: Accept-Encoding
content-type: text/css
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: Wo-e9gd_rBqtfcPgMAiiP_6w_xTaIAalQyknP24Hsy18lCA6BmUrxA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame 4DD5 3 KB
1 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-14KzGm0TF3Lx4fLKHr+Ecw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-14KzGm0TF3Lx4fLKHr+Ecw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Tue, 23 Feb 2021 07:46:38 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 8ms
7ms Image
image/gif 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: beforeitsnews.com
URL: https://beforeitsnews.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 05:15:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 441051
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Fri, 18 Feb 2022 05:15:47 GMT

GET
H2 200 cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg
beforeitsnews.com/img/i2021/02/ 15 KB
15 KB 22ms
22ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/cde1f41117dda45f42a328018f2b29f6c3733ac8.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9878dd957f48d334a326be363d7eefe2eb9a79f2d7d34763e44598e42e18cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 602268
cf-polished: origSize=16737, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15536
cf-request-id: 086f73cbb70000dfebab07a000000001
last-modified: Fri, 16 Aug 2019 22:57:14 GMT
server: cloudflare
etag: "5d5734ca-4161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 08:28:50 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 625f558c5821dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H2 200 e7428f37b6213f586e10a3720436e49ae57ad5ba.jpeg
beforeitsnews.com/img/i2021/02/ 10 KB
10 KB 34ms
34ms Image
image/jpeg 2606:4700:10::6816:4a8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beforeitsnews.com/img/i2021/02/e7428f37b6213f586e10a3720436e49ae57ad5ba.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4a8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158792ee2ceddbd39a88be4f203fbd64ecbb9b7dc70bc095628d70a38734e342

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://beforeitsnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1910710
cf-polished: origSize=11479, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10311
cf-request-id: 086f73cbb80000dfeb1a117000000001
last-modified: Sun, 15 Sep 2019 03:47:19 GMT
server: cloudflare
etag: "5d7db447-2cd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 05:01:28 GMT
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 625f558c5824dfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 SPhnRUU04-I Show response
www.youtube.com/embed/ Frame ACE0 51 KB
21 KB 43ms
42ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/SPhnRUU04-I

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bf19144cf84bdc7b3f085bcc6674bc66141631bfdc900982be722a17ccde07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/SPhnRUU04-I
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beforeitsnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=6kw2-znjGlw; VISITOR_INFO1_LIVE=-uBTSyN0oLM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://beforeitsnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Feb 2021 07:46:38 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+047; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/5a096a9f/ Frame ACE0 340 KB
51 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SPhnRUU04-I

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57664
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52112
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:45:34 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/ Frame ACE0 157 KB
57 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SPhnRUU04-I

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2de1ffe42871dbd7ab4adc416dd748b02273bd68e43255631d8e4fad6330045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57634
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58387
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:46:04 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame ACE0 2 MB
496 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SPhnRUU04-I

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3995cf4a71263d70b3354acf1c649038c18eaf289e4287b8cb8e2063df5f2901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57523
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 508012
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:47:55 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/5a096a9f/fetch-polyfill.vflset/ Frame ACE0 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SPhnRUU04-I

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57634
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:46:04 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACE0 10 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SPhnRUU04-I

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 16:25:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 55287
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Tue, 22 Feb 2022 16:25:11 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3ABE 31 KB
10 KB 36ms
35ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 83e22c7cf960bf9c41b1a84342654ce7ec8bc48c155b01b5c021fea6628c5b86

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 07:46:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=49993
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9306
Expires: Tue, 23 Feb 2021 21:39:51 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 4F22 98 KB
39 KB 64ms
50ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.faf485809090fa85985f.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5025567ff3effa356615b134779353a70d158566f2aa4fce08a066d9fdb8d6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39293
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Feb 2021 07:46:38 GMT

GET
H2 200 273.89109e08565358a840cc.css
s.tradingview.com/static/bundles/embed/ Frame 4F22 712 B
791 B 53ms
53ms Stylesheet
text/css 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/273.89109e08565358a840cc.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.c30008b99436f17ee7b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

e7619746f6490749626842ab49718b1dd431510d90b13b474f80685e206a5f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 10:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422352
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Feb 2021 09:06:34 GMT
server: tv
etag: W/"602e2e1a-125"
vary: Accept-Encoding
content-type: text/css
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: wJgTDAz9omtBVi4iqVchDI_rW3DZJ4EDehv-5OoKl2Lw1O_foylYzw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.341b940f0d0cd97b61b3.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4F22 4 KB
2 KB 53ms
53ms Script
application/javascript 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.341b940f0d0cd97b61b3.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.c30008b99436f17ee7b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

f54f5520fff3867ff9afe8c1f9ce56f228704e69cb49c254657f9f2db04c0ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334194
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 19 Feb 2021 10:12:11 GMT
server: tv
etag: W/"602f8efb-68a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: b5nmk3nL_zrO6n8AkFyDZCqD3Jo0fuDdHmjFycCxaxRTBIZE46C_vQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame ACE0 113 B
183 B 38ms
38ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac24f88292fd419d9649b01b25d95a8d167737f4a6bd719565519b4a92dc6307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame ACE0 29 B
393 B 54ms
40ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:45:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 74
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 23 Feb 2021 08:00:24 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame ACE0 95 KB
31 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb1da869f11de5f6d41770efeafe33cb06aa4540f13ce665a29aefcf0fe5cdad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57523
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32207
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:47:55 GMT

GET
H3-Q050 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
www.google.com/js/bg/ Frame ACE0 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 21:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 38346
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Tue, 22 Feb 2022 21:07:32 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/ Frame ACE0 29 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88876f6627eed8149d59d1c99b86ec067acb99904d2be968045c4ecf3440306d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 15:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 01:14:54 GMT
server: sffe
age: 57523
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9676
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:47:55 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3ABE 284 B
536 B 149ms
37ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
DATA 200
OK truncated
/ Frame ACE0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 AAUvwngJgFgrKhuvP7Nv4Xt3Wj28m--VzuneCMZU_ek1Sw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame ACE0 3 KB
4 KB 55ms
40ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwngJgFgrKhuvP7Nv4Xt3Wj28m--VzuneCMZU_ek1Sw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SPhnRUU04-I

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9a5388cd07bbf19396b0070f749948fd6da2abcadcd9accf4620d8f17194c4c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 05:30:37 GMT
x-content-type-options: nosniff
age: 8161
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3401
x-xss-protection: 0
server: fife
etag: "v1c1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Feb 2021 05:24:44 GMT

GET
H3-Q050 200 sddefault.jpg
i.ytimg.com/vi/SPhnRUU04-I/ Frame ACE0 44 KB
44 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/SPhnRUU04-I/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SPhnRUU04-I

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5794fc1df31697cfeb688e8541c2cd56eb1b5566d66e8a533e810c9674c88b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:14:28 GMT
x-content-type-options: nosniff
server: sffe
age: 1930
etag: "1605196756"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44933
x-xss-protection: 0
expires: Tue, 23 Feb 2021 09:14:28 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 4F22 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6242
date: Tue, 23 Feb 2021 06:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Feb 2021 08:02:36 GMT

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame ACE0 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Tue, 23 Feb 2021 07:46:38 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame ACE0 0
13 B 6ms
5ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?yPE3yA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/SPhnRUU04-I
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/SPhnRUU04-I
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 07:46:38 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 dc.js Show response
stats.g.doubleclick.net/ Frame 46C4 45 KB
17 KB 73ms
36ms Script
text/javascript 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1633
date: Tue, 23 Feb 2021 07:19:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 23 Feb 2021 09:19:25 GMT

GET
H3-Q050 200 dc.js Show response
stats.g.doubleclick.net/ Frame 5927 45 KB
17 KB 72ms
36ms Script
text/javascript 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1633
date: Tue, 23 Feb 2021 07:19:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 23 Feb 2021 09:19:25 GMT

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 4F22 3 KB
794 B 81ms
24ms Image
image/svg+xml 2600:9000:20d7:7c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4770f3dcd578f18a061c8705062bad7e959f3747f5c772749ccff4d63969480f

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:19:44 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:38 GMT
server: AmazonS3
age: 1319215
etag: W/"a1b146ea9ea1303b88095fbaca07491a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZAG50-C1
x-amz-meta-hash: a1b146ea9ea1303b88095fbaca07491a
x-amz-cf-id: Lcef64ARYmchYoa1_9FjRj_zOmxzktelQCvVkeqQIX8HEt57I7mPHw==

GET
H2 200 XTVCBTC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 4F22 813 B
1 KB 81ms
24ms Image
image/svg+xml 2600:9000:20d7:7c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a884bfd027efb4d6d028140f6af4ee69c0158f184e18c81b5503e90b6c46a313

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:29:50 GMT
via: 1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
last-modified: Wed, 25 Nov 2020 10:20:00 GMT
server: AmazonS3
age: 886609
etag: "95a42c153dde1fd4811492fe7d5fc213"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: ZAG50-C1
x-amz-meta-hash: 95a42c153dde1fd4811492fe7d5fc213
content-length: 813
x-amz-cf-id: BH2g9Y7fCvt2I8ARZ-wzyMOsTBXqg-u4j4f5fkcmyHFroALAVEGEfA==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 4F22 1 KB
938 B 80ms
24ms Image
image/svg+xml 2600:9000:20d7:7c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c67b269c17240c6a06dc1e095b2e3117bf36707dc5574bce3257a96b89792f82

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 02:42:26 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:06 GMT
server: AmazonS3
age: 1919053
etag: W/"7ae11541fa642c5193d8bd4a14f06f20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZAG50-C1
x-amz-meta-hash: 7ae11541fa642c5193d8bd4a14f06f20
x-amz-cf-id: BIKNoXCtnarCDgFewk9uSntS1Pthtn9GR6YFeN_gK-ZRr6BTdLBJhA==

GET
H2 200 XTVCETH.svg
s3-symbol-logo.tradingview.com/crypto/ Frame 4F22 593 B
973 B 78ms
24ms Image
image/svg+xml 2600:9000:20d7:7c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f026c82d20e24dcaa217ccdc82d8cb03354a04d52d24a3dcf0e01c159684bdd

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 02:28:12 GMT
via: 1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
last-modified: Wed, 25 Nov 2020 10:21:55 GMT
server: AmazonS3
age: 1401507
etag: "11e845c99b248e12f62f5bfc0346feb1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-pop: ZAG50-C1
x-amz-meta-hash: 11e845c99b248e12f62f5bfc0346feb1
content-length: 593
x-amz-cf-id: p4p7aDAUklvIzdLPUtGitfaKxYB1EG3yb0b-2BZJKMaG62t0VuUgSQ==

GET
H2 200 US.svg
s3-symbol-logo.tradingview.com/country/ Frame 4F22 3 KB
794 B 23ms
23ms Image
image/svg+xml 2600:9000:20d7:7c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/US.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.faf485809090fa85985f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4770f3dcd578f18a061c8705062bad7e959f3747f5c772749ccff4d63969480f

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:19:44 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:38 GMT
server: AmazonS3
age: 1319217
etag: W/"a1b146ea9ea1303b88095fbaca07491a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZAG50-C1
x-amz-meta-hash: a1b146ea9ea1303b88095fbaca07491a
x-amz-cf-id: KQd3PFYbdk_6D7ev_QCta-JJse7t7utHLS0kevMiA3wBlODQmrKWXw==

GET
H2 200 EU.svg
s3-symbol-logo.tradingview.com/country/ Frame 4F22 1 KB
937 B 23ms
23ms Image
image/svg+xml 2600:9000:20d7:7c00:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/country/EU.svg
Requested by: Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.faf485809090fa85985f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7c00:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c67b269c17240c6a06dc1e095b2e3117bf36707dc5574bce3257a96b89792f82

Request headers

Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 02:42:26 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 10:28:06 GMT
server: AmazonS3
age: 1919055
etag: W/"7ae11541fa642c5193d8bd4a14f06f20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZAG50-C1
x-amz-meta-hash: 7ae11541fa642c5193d8bd4a14f06f20
x-amz-cf-id: -UtOk-z0pK7f5e3sqy8SGjHKqzCwazFH4QYqn9oZco12tiRv_nlvSA==

GET
H2 200 protobuf-handler.8af4c04ea75a28c1d98a.js Show response
s.tradingview.com/static/bundles/embed/ Frame 4F22 122 KB
27 KB 55ms
54ms Script
application/javascript 65.9.20.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/protobuf-handler.8af4c04ea75a28c1d98a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.c30008b99436f17ee7b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.110 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

tv /

Resource Hash

772e2829664d6a5ecd75824c63e6491160e5b7e207b09a79b9e9168bfc218e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/ticker-tape/?locale=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 10:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7161067
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Wed, 02 Dec 2020 09:29:51 GMT
server: tv
etag: W/"5fc75e8f-6857"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: DherR2n8dyEPu5GDjzCXmNoZj51_FslQ2cEDWuWjUVvh7Q96hAiixw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 11D6 28 B
240 B 17ms
17ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/4PSg23TeK20
X-YouTube-Client-Version: 1.20210221.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgstdUJUU3lOMG9MTSjc5dKBBg%3D%3D
X-YouTube-Ad-Signals: dt=1614066396484&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image&bid=ANyPxKqwR7Wn4IdOJhjVSZaRnDePFnb-aLjtXjK7yUBc6i82Aw92mbTyKpR5yo-VvvK_Nk8EmuMplElF4sOtOguhLnU1Oj8rZw

Response headers

date: Tue, 23 Feb 2021 07:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 23 Feb 2021 07:46:47 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame ACE0 28 B
171 B 18ms
17ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5a096a9f/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/SPhnRUU04-I
X-YouTube-Client-Version: 1.20210221.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgstdUJUU3lOMG9MTSje5dKBBg%3D%3D
X-YouTube-Ad-Signals: dt=1614066398252&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image&bid=ANyPxKrPGHyzmQVf-CxMK2nfgzZKUB2OkKKwFBwKXUBvGpOT-31SS63VQNel9_4A6WLRI49F_Hgf1ZK3hvxOT4C7J4SIBMb2yw

Response headers

date: Tue, 23 Feb 2021 07:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 23 Feb 2021 07:46:48 GMT

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6kw2-znjGlw
.beforeitsnews.com/	1970-01-19 16:21:06	Name: _gat_gtag_UA_16055024_1 Value: 1
.beforeitsnews.com/	1970-01-19 16:22:32	Name: _gid Value: GA1.2.395671505.1614066398
.youtube.com/	1970-01-19 20:40:18	Name: VISITOR_INFO1_LIVE Value: -uBTSyN0oLM
.beforeitsnews.com/	1970-01-20 09:52:18	Name: _ga Value: GA1.2.72590407.1614066398
beforeitsnews.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22OIJgTQXAl%22%7D%2C%22C720412%22%3A%7B%22page%22%3A1%7D%2C%22C351459%22%3A%7B%22page%22%3A1%7D%7D
beforeitsnews.com/	1970-01-20 16:21:06	Name: b4in-uuid Value: 72242e69-e774-4102-ad5f-a52459aa6809
beforeitsnews.com/	1970-01-19 16:21:14	Name: __cflb Value: 0H28vyGHkAVLrvrHtVeXcnzc1ntEAaKyFzrzVcrXaeT
beforeitsnews.com/	1969-12-31 23:59:59	Name: SERVERID Value: s3
.beforeitsnews.com/	1970-01-19 17:04:18	Name: __cfduid Value: d16367838a39ca505d7be6e557657e2271614066395

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	(Line 1) Message: [Web Cached] Loaded time: 0.00252s
console-api	log	URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-20210219.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20211237(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20211237(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.sportradarserving.com
ajax.beforeitsnews.com
ajax.cloudflare.com
amg-news.com
ams.creativecdn.com
beforeitsnews.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgflip.com
i.rmbl.ws
i.ytimg.com
img.beforeitsnews.com
img.youtube.com
jsc.mgid.com
l.sharethis.com
lockerdome.com
match.adsrvr.org
news.harvard.edu
pagead2.googlesyndication.com
platform-api.sharethis.com
rddywd.com
rtb-csync.smartadserver.com
rumble.com
s-img.mgid.com
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.amazonaws.com
s3.tradingview.com
secure-assets.rubiconproject.com
servicer.mgid.com
stateofthenation2012.com
static-3.bitchute.com
static.doubleclick.net
stats.g.doubleclick.net
token.rubiconproject.com
translate.google.com
translate.googleapis.com
www.anhinternational.org
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.port.ac.uk
www.ucl.ac.uk
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.154.142.214
104.16.199.73
104.18.64.15
104.19.133.78
104.19.216.61
142.250.186.130
144.82.250.24
151.139.242.29
169.59.64.184
18.194.183.62
185.184.8.30
185.59.220.198
185.86.139.114
192.124.249.61
23.37.42.132
2600:9000:20d7:7c00:1f:2f70:3e80:93a1
2600:9000:2127:d600:1c:8a07:5e80:93a1
2600:9000:2127:d800:c:a9b7:ddc0:93a1
2600:9000:2127:fe00:c:abe:f440:93a1
2606:4700:10::6816:4a8a
2606:4700:3032::ac43:b25b
2606:4700:3036::ac43:8a2c
2606:4700::6810:a723
2606:4700::6812:e134
2620:12a:8000::4
2a00:1450:4001:800::200e
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2016
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:400c:c08::9c
2a02:e980:1fe::ad
3.124.46.162
34.252.253.152
52.217.102.22
52.29.155.194
64.62.227.19
65.9.20.109
65.9.20.110
69.173.144.138
89.40.36.137
93.184.221.168
00bd120743d2d1b5e52bc521a46b32395921257bc015fb7a8d300ca0d0751f96
015e60058339f7e4d8c417f6d11149d2ec03f7a43a902b281be46b9dd806b123
03c792792d511cd24bbdec140d85befe457c4cf17d781bbcef9873ba0c729126
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
04d392b2b51c75683f2772eaed404030d0ab5261aacb876e443cb1479ed5fcc1
06ac7edeb319936300123014e79a92feb471b58803b10d87fd5a2fb05444bb68
072338776bc53654ed614f094cc7995fc6aedb75d412dbaffdb10536357f7443
0e6db22536ccf678ce0ea24ab7836e19383fdc18520b11bf6445e4c8aaeee625
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
106ed944f0eac79ea6449a12ca5dea0d62cc453a3d6f56e2d0cff3526a6c5440
1091ab93bd1f31cb14257367ab014300c2f7d78405bf896e79b2431bfb3ca0bc
121cb1fb120cf0c70971e0f5640cb14c17312a8ab0a107ad2630c2a8215c1037
12d55b3419f8e9131cb5ce800f5b0b90d096b47b09ae8d06aab7094244a0bad5
12e8c21454a50ffbbf1a79a135c93ea372b6b8388ffcf2963167a596a8f83a91
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
158792ee2ceddbd39a88be4f203fbd64ecbb9b7dc70bc095628d70a38734e342
163cc5bd0a3f3045ee6d4f046ad35361f6a74f4a00710349ca53a224ac7b3909
179be95aa7c0cb318bc64f19bf278b564f1c32234c103ca219f13dc17f7ac2cf
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848
19e116fe51fbeb2b69a662c99aabd6bc41e6e82eb55e9f56846e4a76414a4f0b
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1d5b29d858d79d8bf60f8e542a3bb69472f5c9a1c93193a7a4d5e5a50e2e35c5
21eee0cd66c42d294aac779d0c9190fc8176bcdb6bf40fb77ab037625413c331
22341a5efa5fb6d62c0424ea158e0a925c2e281d0f7ac4b85b1b5c6946bab6d1
237c32bc1bf3da03baf0333fda0e4ec7d8a5c9d0cfdc4e90443cadbb660520e3
2679778b93df6e744375df15a0cf3bf725c05682ab914436cc1ef9d89b35ec74
26a162d9a9077372e791b2f09e453dc2e36ffe21783184c9867ee3eaec9fe3b9
2a7166a9bf611075509f6daab98e6c808afc3316c14f4bfe1459b5bea17aca24
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
2edc2c43c524bc1ff196547b16d8e7c10b8b15664c389f7d24ad9a9169dd4c6b
310eaeee814d79e97a48c1859c4d0187ffc24b92fec8f2b7a190b56448f776d5
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31edad81f347e211c853130f9dd18a66aa408ca35662d139407d71182f0766b2
34d736a8fcf1d2ac4fca42302365ae0d8e3106cff1d9bfa8ffaf2af859957c8c
3995cf4a71263d70b3354acf1c649038c18eaf289e4287b8cb8e2063df5f2901
3a5ab2d2ac9994e326a1fc12731158871a83dafea68f5e09d599c1fdfb179366
3dc12a8b4eec98ace895bdda9f4e63c8e20814a9e6376d8b40fd62132aa75b5c
3ea6931d41dff60efe83187d7c547a5b70422bf390ad5265b73e5be9c3623db6
3f026c82d20e24dcaa217ccdc82d8cb03354a04d52d24a3dcf0e01c159684bdd
414d8b428bdb05db9e520b23c7855cb14d5eee21007b4492d7f151f46ffd0f3a
4225da6f2c070d9d356b13b72fbaa2fb1f4cc7ca1885113c969c137670459e1d
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
43b882f5cbb382e6bb416613c2d3eafc18a1e3d94743e840404903d12f7ffc7b
44d099bcfc89d6a5da7095c2a72d759ea5db764faa80a350dad3f78b6d12da82
44d7c5c6c074e87f9c72f3d1bb51c534a8fc8171d2ea19aa29075f39e1177635
4770f3dcd578f18a061c8705062bad7e959f3747f5c772749ccff4d63969480f
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
48958ed51962a648fc7fda3620731d6a8340a0c0b5df1c4253e10d066361c2e9
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a70b62ad71ea4dc6182823f20956a07bb69723c695c2b9458c1a5b78e707cb6
4abebe6bdf30589cb389f88f90ac59f800c5d9c9fd4c8b2117b1fc8712ed78c5
4be268e069cf2928f99749dc06354d9d488eeddd30609e074f6c56f376ba319e
4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807
4db4602c0a421abb81b313b76ee5b2988aa0970baf3eb08bfcb5bef3b1855fbe
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
5025567ff3effa356615b134779353a70d158566f2aa4fce08a066d9fdb8d6ab
505864f9436def05580211dd30d70e6c5dfd59b7c3b65a900687004174e25975
53c27b51fbe75ac10fa50e1d74506eb92c2ba81014abeee79042db03ed06a64f
54064774d90d69cd25d9f7ffbe4af70bb93af95322ebf09159d7a55b940598e4
546f51b3ea22ede0d5ed26f7686f15bdbd300c066497554511de916b813437ed
5794fc1df31697cfeb688e8541c2cd56eb1b5566d66e8a533e810c9674c88b8a
581d0975297fd9b7d3a036c32225c5235bf6a0f17d59eb38ca545ede64bbdfa1
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61897b67e4ea870cfd90b2ec505005298f8e319b15f695547628a5e4635adac1
67e6a78131e5b13c4c3fd20f85b88b142f5de26c35a05b7f737d328f8ee52e40
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6aae7f67b0a890728d141dd89c222472429682a0f2fc6273eb92dfc2f58126d6
6c2d786e6f8dc0814a04b487dbe6783d5ee4b4cddd132ae9becc93b144138a77
6cec639559a0373f4611e9fd89bc1fdf23d88dc05cf29e0961f6c2c45df6f738
6f76e0b17157a812f76a2619fd044f13a1e9f38b73145fd02d35f8bc67d1533f
70a19d1ca7404f3c27831f4cdfc265e949b48178eab00bc6dd160dd165a04b03
714e4b742a1ddc3565cfb472ac59b37a1bc03dd471e5d51a13647bfced2dbf5c
7187ff1c53713a374a7946b2fc1683da10f623719082dba6d36f150e326527f1
724d7b74367497bb10c46d55c5490246031ae83559b82b20d6199508674b8202
76afa64166a8fa896379f5e72cabf86e9cd3fcf845a526aca5ef93b7b128d36e
772e2829664d6a5ecd75824c63e6491160e5b7e207b09a79b9e9168bfc218e86
79e79a24d576b3d175c341c4b9cdff0c83064be68e983faa02a8f0b32d4042ab
7ad44da673aa6ca75660e2e45e49e9076c188798058632919c3bc8b5db2fec25
7da761b03d01e70b429f611776670b9201d942249a07b3614048667da1ecb9e9
7ed42fc094572e6378e5d18b652dc906de75340a06f725f70c5bb799beeff089
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
83e22c7cf960bf9c41b1a84342654ce7ec8bc48c155b01b5c021fea6628c5b86
843a295d102f432f3c7465697556c7f0b078d4db7f8df189dbcd196105f46fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88820f969f905fe5514b912f98409887e1634602d8bf2db183b8a64b513ca4b3
88876f6627eed8149d59d1c99b86ec067acb99904d2be968045c4ecf3440306d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2cdd0468e17f7a548dd21640dcadd36c104fda3ba47093ffa0e90faad22c52
8bd559dad13382260ef019f6a0807b9dd746bd6738a93bcbc77929041e0bb5f7
8bf19144cf84bdc7b3f085bcc6674bc66141631bfdc900982be722a17ccde07c
8bf3479f377f35625cdf4cd09e240522083af64f40dc39544d7c147e61c09aa3
8d9bffaac9b1bd6cc921971b3f967b954b1eb1aed610cdf11cf3651e4443f5ea
8d9e978de5c5632121b45c98aa84b6b6e816dca67928093fef8e186e749925da
8e7569403d1a2fb6ab1150da52147d1c17285e518901423fd0b853bda020bc48
8e9b0e480e33e2fc9cb54f507ed9b6c423ad4482ea4e9e2a1e889dadcea2f119
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9085b891c960343c10190f47bcaf7cbcd8981e03c949a3da7bfe3791bef56215
924bb860ba275232227964d72e9fd3192d9187f721bb0cb30a1e17289daa3965
97b157d25b2620c6a59a6ed469adcc741ce36e24b7a134a466ab95bfece785c7
9a5388cd07bbf19396b0070f749948fd6da2abcadcd9accf4620d8f17194c4c1
9c85991e770a9e46492b1c4ddb8a4dd90e1a7c2bb751b50e48c3b009bc9520f3
9cdbe83db568eb7ac1ba83daaff0c6357d863d6f8b31b93390ef4bd598e1c815
9d16c6b94e2a39d2fa4a1571dac6e98ecd8a8738f8d8c46fbdfe5a5b632afebf
a2de1ffe42871dbd7ab4adc416dd748b02273bd68e43255631d8e4fad6330045
a680689e4e29a9a2d0626a0c3c05656c9e326f0fb117c9f2b05d478b252f9c37
a884bfd027efb4d6d028140f6af4ee69c0158f184e18c81b5503e90b6c46a313
a967f25d6a6fdd3b07925b14c4a30194447cd1e98d045aa98f8c0487a7f06fb7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
abc7d329823f6916679b9cf735e8d9dcade4ec3faf23ed2369af10426c77b21c
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ac24f88292fd419d9649b01b25d95a8d167737f4a6bd719565519b4a92dc6307
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ad95e2ac06cacb286e37d1b25733cb20f483641b0e40cd4dba1ac90622ecae19
af54c50c8c81bb5de6f8460e58f66372a414cf89628038ef7afc9dd3f49bf50e
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b148eae8f79297bd0c52cc41bca3d296bf903129417be6e0552917f76a101125
b1d6fc3d1457c30c5a89ff8320a499cbcdd0a7ec66b32b88c731f69c152d01f7
b281ad27f364870c796484abb0200415eaee3e6c8ecc3e118007a960c5de53e6
b2e5a638fb07ba8200e62d0abebcc5d24fe3c6702d1591b25496a6e3699b1f25
b60ca40efec2a003e29f273d9b67f69c87bcc91a84f1014ccd31efd15eae5b75
b6b54686d73941246bd7d98dbc2b4424addbd03ad27a4760e3ee8a6b9224fb6d
b6d3b0537a9c46317d65f7511415cca88bc7ba44f64511d13c80302c37926b08
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bb1da869f11de5f6d41770efeafe33cb06aa4540f13ce665a29aefcf0fe5cdad
bb7e9dcf46c3e28648a9eefe825726629633a1ca87f1a040c310dc3a28ea6cc1
c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01
c3ff1e00c307344dbd017b863b4b41580bd846860784a995f396a9b4602722a1
c4b158ed9fbcb3065871a2c777591fecf99b79ec119e3d930e3e00e51f934025
c64b23467e6c66bc8774369d870a4df94f72369f68478bd2be51e43fefd60816
c67b269c17240c6a06dc1e095b2e3117bf36707dc5574bce3257a96b89792f82
c7172af71f54b3398cf15442ad943f001b1d8386215a68264c026b15888c87d8
c76a2c1348a529c4beb75b1987013cebad0b3d8ee758a8f124bc9500549e1c46
c8a3a8998456680357127ef5b8b14e940b671ea39dd82f03f1c49c514631f9c7
c9878dd957f48d334a326be363d7eefe2eb9a79f2d7d34763e44598e42e18cf8
cae05bcb20ea575887692def36986cb603f9acd74305e0d6065a26c5b7c4e40b
cc72c12855f4a120e4b586dcc7b589ec2691fb300fdf362f413b9945c82dab5d
ce9a2c645aec6b5baf9ff6d8704f5cbb098ae455414259627a712eced90ac4f7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2be45b531f8d5db4405c921413141083dee0520faa3b3a99feacbd51cc0ce
d14382d0bc86ecb1eccae9e8ed903432986d6e8d572f16fe1b0903717a5e5e8e
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d235575d4c8eaa3fe8180eb54fa86aba26c932603153d88bb4a9d0b4ae2fa7a6
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
d42ac7dfc883f0ab7b0c8a4f33b09faab6bc8380ff3db796f300af6acb5196f5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7fee305e00cdf2564b19f2ce784e9b7ea43e2f0d31b974f2a3573b1b72ffca5
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
dbf6ab527a3928c80bb04a99ea3c9d5067dd8d7beb492849b7ccd29765d5d34d
dcbdc7b5d065e78ec9ac4157d720edb83e6d1fd34c0818355eeb2e2fd205bcec
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e1d8730347537478b70a1be17394e1ef0bdffce6ba082c43eafd663b378d9834
e27a9919f3534145aba4573890732395cc75378461e9762ffedb2302d67f0345
e3925480b47b3942357ce9fe71b56e2f558b7ecb63dec1b651d42d333feedc83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ac7cf40b4f543683466d88df4b2b8e8b3dd62100c2a79025aef8d7ec6afcaa
e7619746f6490749626842ab49718b1dd431510d90b13b474f80685e206a5f84
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa50f84be24d2b5f9e1ccb57fdf442aa6768ca2be24cc49e7c0f7c4294b0551
f338859d4b3b498906d8a586aa0e5f3525e5a4e3584f95b7d6b2bf213491f927
f54f5520fff3867ff9afe8c1f9ce56f228704e69cb49c254657f9f2db04c0ad3
f7fcb3dd77ffeb9fa5bc524bccc249f684d79acbcffb69cfd342dd2b2d0a1348
ff90a7645bd6b34292930e3c5e85313feabe1b2a40783b58d09fa238fd05d702

beforeitsnews.com Open in urlscan Pro 2606:4700:10::6816:4a8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

100 %HTTPS

57 %IPv6

41 Domains

62 Subdomains

53 IPs

8 Countries

13317 kBTransfer

18876 kBSize

10 Cookies

26 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beforeitsnews.com Open in urlscan Pro
2606:4700:10::6816:4a8a Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

100 %
HTTPS

57 %
IPv6

41
Domains

62
Subdomains

53
IPs

8
Countries

13317 kB
Transfer

18876 kB
Size

10
Cookies

208 HTTP transactions
5 data transactions