www.thedailybeast.com Open in urlscan Pro
2606:4700::6811:5631 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster
Submission: On December 21 via api (December 21st 2021, 8:03:02 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 32 IPs in 2 countries across 25 domains to perform 122 HTTP transactions. The main IP is 2606:4700::6811:5631, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thedailybeast.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on July 9th 2020. Valid for: 2 years.

This is the only time www.thedailybeast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700::68... 2606:4700::6811:5631	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:b9b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:ca3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.21.128 13.32.21.128	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:710... 2a02:26f0:7100:2ab::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.63.12.147 178.63.12.147	24940 (HETZNER-AS) (HETZNER-AS)
12	151.101.2.62 151.101.2.62	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
8	151.101.66.62 151.101.66.62	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.7.60 65.9.7.60	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
1	13.32.21.110 13.32.21.110	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:4600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
122	32

17 2606:4700::6811:5631 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thedailybeast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.thedailybeast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.thedailybeast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:ca3a (United States)

ASN13335 (CLOUDFLARENET, US)

assets.thedailybeast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graphql-prod.thedailybeast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-128.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:7100:2ab::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.63.12.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de715.cxense.com

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.2.62 (United States)

ASN54113 (FASTLY, US)

uw-media.courierpostonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cpt-static.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
downloadmedia.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.62 (United States)

ASN54113 (FASTLY, US)

cpt-static.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.60 (Altamonte Springs, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-110.fra56.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

id.thedailybeast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	thedailybeast.com www.thedailybeast.com img.thedailybeast.com assets.thedailybeast.com graphql-prod.thedailybeast.com id.thedailybeast.com	847 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	535 KB
11	gannett-cdn.com www.gannett-cdn.com downloadmedia.gannett-cdn.com	688 KB
11	youtube.com www.youtube.com	762 KB
8	gannettdigital.com cpt-static.gannettdigital.com	191 KB
7	cxense.com cdn.cxense.com p1cluster.cxense.com comcluster.cxense.com id.cxense.com	54 KB
7	google.com www.google.com	81 KB
7	cookielaw.org cdn.cookielaw.org	120 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net securepubads.g.doubleclick.net	146 KB
3	amazon-adsystem.com c.amazon-adsystem.com	40 KB
3	tinypass.com cdn.tinypass.com buy.tinypass.com id.tinypass.com	91 KB
2	adsafeprotected.com cdn.adsafeprotected.com static.adsafeprotected.com	11 KB
2	parsely.com cdn.parsely.com p1.parsely.com	26 KB
2	googleapis.com imasdk.googleapis.com	319 KB
2	sail-personalize.com api.sail-personalize.com	495 B
1	googlesyndication.com pagead2.googlesyndication.com	13 KB
1	2mdn.net s0.2mdn.net	17 KB
1	polyfill.io cdn.polyfill.io	589 B
1	courierpostonline.com uw-media.courierpostonline.com	18 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	piano.io c2.piano.io	4 KB
1	ytimg.com i.ytimg.com	87 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	sail-horizon.com ak.sail-horizon.com	43 KB
1	onetrust.com geolocation.onetrust.com	398 B
122	25

	Domain	Requested by
11	assets.thedailybeast.com	www.thedailybeast.com assets.thedailybeast.com
11	www.youtube.com	www.thedailybeast.com www.youtube.com assets.thedailybeast.com
10	www.gstatic.com	www.google.com www.youtube.com www.gstatic.com
9	www.gannett-cdn.com	uw-media.courierpostonline.com www.gannett-cdn.com cpt-static.gannettdigital.com
8	cpt-static.gannettdigital.com	uw-media.courierpostonline.com www.thedailybeast.com
8	graphql-prod.thedailybeast.com	assets.thedailybeast.com
7	www.google.com	assets.thedailybeast.com www.youtube.com www.gstatic.com
7	cdn.cookielaw.org	www.thedailybeast.com cdn.cookielaw.org
5	img.thedailybeast.com	www.thedailybeast.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
4	fonts.gstatic.com	www.youtube.com
3	c.amazon-adsystem.com	cpt-static.gannettdigital.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	cpt-static.gannettdigital.com securepubads.g.doubleclick.net
3	www.thedailybeast.com	www.thedailybeast.com
2	downloadmedia.gannett-cdn.com	uw-media.courierpostonline.com
2	imasdk.googleapis.com	uw-media.courierpostonline.com imasdk.googleapis.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	id.thedailybeast.com	cdn.tinypass.com
1	p1.parsely.com	uw-media.courierpostonline.com
1	static.adsafeprotected.com	cpt-static.gannettdigital.com
1	pagead2.googlesyndication.com	srcdoc
1	cdn.adsafeprotected.com	cpt-static.gannettdigital.com
1	s0.2mdn.net	imasdk.googleapis.com
1	cdn.parsely.com	www.gannett-cdn.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	cdn.polyfill.io	uw-media.courierpostonline.com
1	uw-media.courierpostonline.com	cdnjs.cloudflare.com
1	p1cluster.cxense.com	cdn.cxense.com
1	cdnjs.cloudflare.com	assets.thedailybeast.com
1	c2.piano.io	cdn.tinypass.com
1	id.tinypass.com	cdn.tinypass.com
1	buy.tinypass.com	cdn.tinypass.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	ak.sail-horizon.com	assets.thedailybeast.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn.tinypass.com	www.thedailybeast.com
122	40

This site contains links to these domains. Also see Links.

Domain
thedailybeast.freshdesk.com
coupons.thedailybeast.com
www.facebook.com
www.twitter.com
www.instagram.com
feeds.thedailybeast.com
flipboard.com
twitter.com
www.reddit.com
thehill.com
www.courierpostonline.com
www.inquirer.com
www.amazon.com
docs.google.com
www.bnd.com
graph.facebook.com
fox2now.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.thedailybeast.com GeoTrust RSA CA 2018	`2020-07-09` - `2022-07-21`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-19` - `2022-09-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
ak.sail-horizon.com Amazon	`2021-01-07` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
api.sail-personalize.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
courierpostonline.com R3	`2021-12-07` - `2022-03-07`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
usatoday.com R3	`2021-12-10` - `2022-03-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
id.thedailybeast.com Cloudflare Inc ECC CA-3	`2021-02-19` - `2022-02-18`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster
Frame ID: 00E8B9EE92D3F7252060C36018544C6A
Requests: 47 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0
Frame ID: D0EEB9034788E63D53464D80F8FF81E3
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk&co=aHR0cHM6Ly93d3cudGhlZGFpbHliZWFzdC5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=inline&cb=fct3uwsuwt81
Frame ID: 864D2E6A9914A1CB660D2116AD862E47
Requests: 4 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 1E8F7305E84F9384D5E8C9878959F15B
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk
Frame ID: 3A2799201F44B22FACCBAF17C2987064
Requests: 11 HTTP requests in this frame

Frame: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed
Frame ID: 95C4676E0EE485021F73C74D0F1F8790
Requests: 33 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 4C6AAA2E4B8D2ACF75B328A475831C33
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2351C26BB4F06E25303B2CCF1AEF97D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bill O’Reilly: I Had to Console Trump After MAGA Fans Booed Him for Getting Vaccine BoosterBack ButtonSearch IconFilter Icon

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

122
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

40
Subdomains

32
IPs

2
Countries

4099 kB
Transfer

11398 kB
Size

20
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://thedailybeast.freshdesk.com/support/solutions
Title: Need Help?

Search URL Search Domain Scan URL

URL: https://coupons.thedailybeast.com/
Title: COUPONS

Search URL Search Domain Scan URL

URL: https://coupons.thedailybeast.com/coupons/adidas
Title: Adidas Promo Codes

Search URL Search Domain Scan URL

URL: https://coupons.thedailybeast.com/coupons/doordash
Title: DoorDash Promo Codes

Search URL Search Domain Scan URL

URL: https://coupons.thedailybeast.com/coupons/h-m
Title: H&M Coupons

Search URL Search Domain Scan URL

URL: https://coupons.thedailybeast.com/coupons/hotwire
Title: Hotwire Promo Codes

Search URL Search Domain Scan URL

URL: https://coupons.thedailybeast.com/coupons/wine-com
Title: Wine.com Discounts

Search URL Search Domain Scan URL

URL: https://coupons.thedailybeast.com/coupons/vitacost
Title: Vitacost Coupons

Search URL Search Domain Scan URL

URL: https://coupons.thedailybeast.com/coupons/spanx
Title: Spanx Promo Codes

Search URL Search Domain Scan URL

URL: https://coupons.thedailybeast.com/coupons/walmart
Title: Walmart Promo Codes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thedailybeast/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/thedailybeast

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thedailybeast/

Search URL Search Domain Scan URL

URL: https://feeds.thedailybeast.com/rss/articles

Search URL Search Domain Scan URL

URL: https://flipboard.com/@TheDailyBeast?utm_source=TheDailyBeast&utm_medium=follow&utm_campaign=tools

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thedailybeast.com%2Fbill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster%3Fsource%3Dtwitter%26via%3Ddesktop&via=thedailybeast&text=Bill%20O%E2%80%99Reilly%3A%20I%20Had%20to%20Console%20Trump%20After%20MAGA%20Fans%20Booed%20Him%20for%20Getting%20Vaccine%20Booster&counturl=https%3A%2F%2Fwww.thedailybeast.com%2Fbill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?title=Bill%20O%E2%80%99Reilly%3A%20I%20Had%20to%20Console%20Trump%20After%20MAGA%20Fans%20Booed%20Him%20for%20Getting%20Vaccine%20Booster&url=https%3A%2F%2Fwww.thedailybeast.com%2Fbill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster%3Fvia%3Ddesktop%26source%3DReddit

Search URL Search Domain Scan URL

URL: https://thehill.com/homenews/media/586694-bill-oreilly-says-trump-will-run-again
Title: Read it at The Hill

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thedailybeast.com%2Fhate-crime-charges-dropped-against-bordentown-nj-ex-police-chief-frank-nucera-jr%3Fsource%3Dtwitter%26via%3Ddesktop&via=thedailybeast&text=Feds%20Drop%20Hate-Crime%20Charges%20Against%20Ex-New%20Jersey%20Police%20Chief%20Accused%20of%20Assaulting%20Black%20Teen&counturl=https%3A%2F%2Fwww.thedailybeast.com%2Fhate-crime-charges-dropped-against-bordentown-nj-ex-police-chief-frank-nucera-jr

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?title=Feds%20Drop%20Hate-Crime%20Charges%20Against%20Ex-New%20Jersey%20Police%20Chief%20Accused%20of%20Assaulting%20Black%20Teen&url=https%3A%2F%2Fwww.thedailybeast.com%2Fhate-crime-charges-dropped-against-bordentown-nj-ex-police-chief-frank-nucera-jr%3Fvia%3Ddesktop%26source%3DReddit

Search URL Search Domain Scan URL

URL: https://www.courierpostonline.com/story/news/2021/12/02/bordentown-township-police-chief-frank-nucera-jury-deadlocks-mistrial/8837753002/
Title: “fucking, little, fucking n-----.”

Search URL Search Domain Scan URL

URL: https://www.inquirer.com/news/frank-nucera-jr-dropped-assault-charges-bordentown-20211221.html
Title: Read it at The Philadelphia Inquirer

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thedailybeast.com%2Fget-coffee-house-style-espresso-at-home-with-these-nespresso-deals%3Fsource%3Dtwitter%26via%3Ddesktop&via=thedailybeast&text=Tons%20of%20Nespresso%20Machines%20Are%20Part%20of%20Amazon%E2%80%99s%20Deal%20of%20the%20Day%20Today&counturl=https%3A%2F%2Fwww.thedailybeast.com%2Fget-coffee-house-style-espresso-at-home-with-these-nespresso-deals

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?title=Tons%20of%20Nespresso%20Machines%20Are%20Part%20of%20Amazon%E2%80%99s%20Deal%20of%20the%20Day%20Today&url=https%3A%2F%2Fwww.thedailybeast.com%2Fget-coffee-house-style-espresso-at-home-with-these-nespresso-deals%3Fvia%3Ddesktop%26source%3DReddit

Search URL Search Domain Scan URL

URL: https://www.amazon.com/s?k=nespresso&i=garden&crid=20OLR6KQW2BYR&sprefix=nespresso%2Cgarden%2C149&linkCode=ll2&tag=thedaibea-20&linkId=8d113591844d5cbcd638d3e5c386e0cc&language=en_US&ref_=as_li_ss_tl
Title: Nespresso

Search URL Search Domain Scan URL

URL: https://www.amazon.com/deal/09dd5360?showVariations=true&linkCode=ll2&tag=thedaibea-20&linkId=b3fc1fc2e82e2bc4f5edb269858981b8&language=en_US&ref_=as_li_ss_tl
Title: game-changing espresso machines

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Nespresso-Espresso-Machine-Aeroccino-Breville/dp/B01MZCQBY4?smid=ATVPDKIKX0DER&linkCode=ll1&tag=thedaibea-20&linkId=0c1d4229184bdbec73749681cd7016fb&language=en_US&ref_=as_li_ss_tl
Title: Breville BNV250CRO1BUC1 Vertuo Coffee and Espresso Machine

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Nespresso-Vertuo-Espresso-Machine-Breville/dp/B01MR8Y1UJ?smid=ATVPDKIKX0DER&linkCode=ll1&tag=thedaibea-20&linkId=62fcf9caffd9e09348995c12fa2ece29&language=en_US&ref_=as_li_ss_tl
Title: Breville BNV220BKM1BUC1 Vertuo Coffee and Espresso Machine

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Breville-BNV540DCR1BUC1-Vertuo-Single-Serve-Espresso/dp/B08VNXCQZ5?smid=ATVPDKIKX0DER&linkCode=ll1&tag=thedaibea-20&linkId=ab3682d5d0cd5a6c927e175eab7531c0&language=en_US&ref_=as_li_ss_tl
Title: Nespresso BNV540DCR Vertuo Next Espresso Machine by Breville

Search URL Search Domain Scan URL

URL: https://www.amazon.com/deal/09dd5360?showVariations=true&linkCode=ll2&tag=thedaibea-20&linkId=76265a3265e54eef9b7ec548b8747917&language=en_US&ref_=as_li_ss_tl
Title: Breville's best-selling Nespresso machines

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLScCLR4v0ogcnoAH8kmahuD3Zzk1JQ6JrldQgPB82IP9rwa0cw/viewform
Title: Let us know

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thedailybeast.com%2Fconvicted-arsonist-jeramie-simmons-named-acting-chief-of-saint-clair-county-illinois-fire-department%3Fsource%3Dtwitter%26via%3Ddesktop&via=thedailybeast&text=Convicted%20Arsonist%20Named%20Acting%20Chief%20of%20Illinois%20Fire%20Department&counturl=https%3A%2F%2Fwww.thedailybeast.com%2Fconvicted-arsonist-jeramie-simmons-named-acting-chief-of-saint-clair-county-illinois-fire-department

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?title=Convicted%20Arsonist%20Named%20Acting%20Chief%20of%20Illinois%20Fire%20Department&url=https%3A%2F%2Fwww.thedailybeast.com%2Fconvicted-arsonist-jeramie-simmons-named-acting-chief-of-saint-clair-county-illinois-fire-department%3Fvia%3Ddesktop%26source%3DReddit

Search URL Search Domain Scan URL

URL: https://www.bnd.com/news/local/article213982269.html
Title: who has had other run-ins with the law since

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1389834394575257
Title: Prairie Du Pont Volunteer Fire

Search URL Search Domain Scan URL

URL: https://graph.facebook.com/1389834394575257/posts/3829157403976265/
Title: Monday, December 20, 2021

Search URL Search Domain Scan URL

URL: https://fox2now.com/news/illinois/previously-convicted-arsonist-named-acting-fire-chief-of-metro-east-volunteer-fire-department/
Title: Read it at Fox2Now.com

Search URL Search Domain Scan URL

URL: https://twitter.com/thedailybeast

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

122 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster Show response
www.thedailybeast.com/ 227 KB
64 KB 393ms
352ms Document
text/html 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f449235ef6ed94c26713bc72df6627a1c081a9aa4e1419caebd1ff272356e5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-type: text/html; charset=utf-8
cf-ray: 6c13b5fcda8659ad-MXP
cache-control: private,no-cache
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept, Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-tdb-cache-scope: rev:22.4.466:gbp:desktop
x-tdb-deployment: 22.4.466
x-tdb-host: prod-tdb-6bb66c56f7-tsl5q
x-tdb-revision: a63aff7c04c0420d347bdb03726074e06e5cc726
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: gzip

GET
H2 200 LoW-2_lo7rcj.png
img.thedailybeast.com/image/upload/v1549925775/ 68 KB
68 KB 89ms
82ms Image
image/webp 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.thedailybeast.com/image/upload/v1549925775/LoW-2_lo7rcj.png
Requested by: Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66a651f541513b86956655344cb36ac9fb42c523daeea6be091a981e38439e01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
cf-cache-status: HIT
age: 3710799
cf-polished: origFmt=png, origSize=103195
content-disposition: inline; filename="LoW-2_lo7rcj.webp"
server-timing: akam;dur=2;start=2021-11-08T21:16:17.003Z;total=4;desc=hit,rtt;dur=0
content-length: 69424
timing-allow-origin: *
surrogate-key: 536580188946789305253528967976290244451 f49c7cde2a4518ed1c0851d89176f74d
last-modified: Mon, 11 Feb 2019 22:56:16 GMT
server: cloudflare
etag: "a0d8fadc3671600ba229dc4d5765aaab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 07 Dec 2022 22:43:25 GMT
cache-control: public, max-age=30336029
accept-ranges: bytes
cf-ray: 6c13b5ff392c59ad-MXP
access-control-allow-headers: X-Requested-With
cf-bgj: imgq:85,h2pri

GET
H2 200 Whitelr_soctf0.png
img.thedailybeast.com/image/upload/v1550872986/ 17 KB
17 KB 62ms
56ms Image
image/webp 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.thedailybeast.com/image/upload/v1550872986/Whitelr_soctf0.png
Requested by: Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e4c1b69de1ad445881ee5cb7c5fab3be2b9861c20eec729c443e551c76b836

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
cf-cache-status: HIT
age: 501444
cf-polished: origFmt=png, origSize=26568
content-disposition: inline; filename="Whitelr_soctf0.webp"
server-timing: akam;dur=7;start=2021-12-16T00:45:32.069Z;total=723;desc=miss,rtt;dur=0
content-length: 17168
timing-allow-origin: *
surrogate-key: 269389677461250220657493727555606207961 f49c7cde2a4518ed1c0851d89176f74d
last-modified: Fri, 22 Feb 2019 22:03:07 GMT
server: cloudflare
etag: "c94b1ce49d3b88550d266f4d0868202c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 22 Dec 2022 02:02:56 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 6c13b5ff392b59ad-MXP
access-control-allow-headers: X-Requested-With
cf-bgj: imgq:85,h2pri

GET
H2 200 7hNqoQ8T4d0 Show response
www.youtube.com/embed/ Frame D0EE 60 KB
26 KB 89ms
65ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be66bb200e9a4727466aec9a1af0874a7e91a1c07d879ce25e274907a15930cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Dec 2021 20:02:56 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 965 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ca9fea111b69be9566a1bf0ef25f21b1a283fdf33e79d05a23339d434983cc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 49ms
25ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BXRr8anumVFsMvgN5QlueA==
age: 6973
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Fri, 17 Dec 2021 17:08:36 GMT
server: cloudflare
etag: 0x8D9C17FDD6FB88D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 52c8446c-501e-0127-6d63-f404fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c13b5ff5d275c20-FRA

GET
H2 200 vendors~account~adFreeThirdparty~advertising~cheatsheet~company~crossword~dashboard~error~halffull~h~5e041ed6.089f1cfa.chunk.js Show response
assets.thedailybeast.com/static/js/ 19 KB
7 KB 50ms
41ms Script
application/javascript 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/js/vendors~account~adFreeThirdparty~advertising~cheatsheet~company~crossword~dashboard~error~halffull~h~5e041ed6.089f1cfa.chunk.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6a8f3c9edc65b556a691bdd80a75b08a160f51c96d900691f958898d6bd4e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8919507
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Sep 2021 14:14:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4d60-17bcae88040"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c13b5ff494f59ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 vendors~account~advertising~cheatsheet~company~crossword~dashboard~error~halffull~home~jobs~login~me~23509425.42680d90.chunk.js Show response
assets.thedailybeast.com/static/js/ 20 KB
8 KB 82ms
73ms Script
application/javascript 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/js/vendors~account~advertising~cheatsheet~company~crossword~dashboard~error~halffull~home~jobs~login~me~23509425.42680d90.chunk.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13a7ec5e55169668e503b3f3e1601da002e17a5c5bc35496f2d12db6f6c464cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8919507
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Sep 2021 14:14:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4eed-17bcae88040"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c13b5ff494759ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 vendors~account~advertising~cheatsheet~company~crossword~dashboard~error~halffull~home~jobs~login~me~bfbc5815.e63c31e7.chunk.js Show response
assets.thedailybeast.com/static/js/ 307 KB
99 KB 69ms
60ms Script
application/javascript 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/js/vendors~account~advertising~cheatsheet~company~crossword~dashboard~error~halffull~home~jobs~login~me~bfbc5815.e63c31e7.chunk.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a50689a2608fceacaa447c956579b283e56d95527b09155df9c2ca506fa3572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1742379
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Dec 2021 15:52:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4ccd7-17d76b2dff0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c13b5ff494459ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 vendors~account~advertising~cheatsheet~company~crossword~dashboard~error~halffull~login~membership~n~aba52a5e.ce9aade2.chunk.js Show response
assets.thedailybeast.com/static/js/ 16 KB
6 KB 57ms
48ms Script
application/javascript 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/js/vendors~account~advertising~cheatsheet~company~crossword~dashboard~error~halffull~login~membership~n~aba52a5e.ce9aade2.chunk.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d02241458e544edb3707b0d924d46576700f49eb97a2f22fca7242af09d63497

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1615612
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Dec 2021 17:06:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3e64-17d76f65578"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c13b5ff494d59ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 vendors~cheatsheet~crossword~halffull~home~membership~podcast~search~story~wrap.934a423e.chunk.js Show response
assets.thedailybeast.com/static/js/ 87 KB
30 KB 77ms
69ms Script
application/javascript 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/js/vendors~cheatsheet~crossword~halffull~home~membership~podcast~search~story~wrap.934a423e.chunk.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfd4264c626300c33e8afd46191c9da20d8e3ad5c3ac0408d4683dd361ca8b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 444557
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:24:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"15adc-17dc40f5170"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c13b5ff494b59ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 vendors~cheatsheet~halffull~home~membership~search~story~wrap.d7b53107.chunk.js Show response
assets.thedailybeast.com/static/js/ 90 KB
29 KB 51ms
43ms Script
application/javascript 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/js/vendors~cheatsheet~halffull~home~membership~search~story~wrap.d7b53107.chunk.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b73f22b870756128cb27cef4b00630541a14073332e83617a55c270a15c71e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1738086
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Dec 2021 17:06:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1698c-17d76f65578"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c13b5ff494a59ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 vendors~cheatsheet~membership~newsletters~story~wrap.d6f40742.chunk.js Show response
assets.thedailybeast.com/static/js/ 21 KB
7 KB 39ms
39ms Script
application/javascript 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/js/vendors~cheatsheet~membership~newsletters~story~wrap.d6f40742.chunk.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf1fa9daf20e68cb1c041d5b036aaa458d5b7e54d92851bbbbfdee53110e26f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1615612
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Dec 2021 17:06:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"547f-17d76f65578"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c13b5ff9a0c59ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 cheatsheet.8eb6f0a964abcfa662f2.js Show response
assets.thedailybeast.com/static/js/ 812 KB
252 KB 59ms
59ms Script
application/javascript 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/js/cheatsheet.8eb6f0a964abcfa662f2.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40237423c3896d2082cc2a0a13ca50ec49ce85fae34184e0b08720c7f9a3c123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 444356
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:24:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cafd1-17dc40f5170"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c13b5ff9a1459ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 Druk-MediumItalic-Web.5b9086a7.woff2
www.thedailybeast.com/static/media/ 28 KB
28 KB 35ms
34ms Font
application/font-woff2 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedailybeast.com/static/media/Druk-MediumItalic-Web.5b9086a7.woff2

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

849f8b047c822420e2f6a7b841a5184b681bab490caa0e7ce27e96efb09974dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster
Origin: https://www.thedailybeast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10809023
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
content-length: 28609
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Aug 2021 17:19:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6fc1-17b551fd250"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/font-woff2
access-control-allow-origin: https://www.thedailybeast.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c13b5ff493359ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 DrukText-Medium-Web.896bb8b2.woff2
www.thedailybeast.com/static/media/ 36 KB
36 KB 41ms
41ms Font
application/font-woff2 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedailybeast.com/static/media/DrukText-Medium-Web.896bb8b2.woff2

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0759631728d5640f62a632e4d2c7146cebd454319bbcb92349a00de40f05911

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster
Origin: https://www.thedailybeast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10800763
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
content-length: 36993
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Aug 2021 17:19:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9081-17b551fd250"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/font-woff2
access-control-allow-origin: https://www.thedailybeast.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c13b5ff493659ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 Screen_Shot_2021-12-21_at_09.37.00_jw7w3c
img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_519,w_922,x_19,y_0/dpr_1.5/c_limit,w_608/fl_lossy,q_auto/v1640079443/ 42 KB
42 KB 93ms
92ms Image
image/webp 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_519,w_922,x_19,y_0/dpr_1.5/c_limit,w_608/fl_lossy,q_auto/v1640079443/Screen_Shot_2021-12-21_at_09.37.00_jw7w3c
Requested by: Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d18903871865b3f2603824b415e680d8c2e23e8241e2056bae3a2fa5ba54f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
cf-cache-status: HIT
age: 36036
cf-polished: qual=85, origFmt=jpeg, origSize=56328
content-disposition: inline; filename="Screen_Shot_2021-12-21_at_09.webp"
server-timing: akam;dur=13;start=2021-12-21T10:02:20.000Z;total=136;desc=miss,rtt;dur=0
content-length: 42926
timing-allow-origin: *
surrogate-key: 494105231432290474375156796927106376146 443081720769144560185989260636769507891 f49c7cde2a4518ed1c0851d89176f74d
last-modified: Tue, 21 Dec 2021 10:01:58 GMT
server: cloudflare
etag: "ae1854d44f1b4c4648645858d353de65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 22 Dec 2022 02:02:56 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 6c13b5ff9a0759ad-MXP
access-control-allow-headers: X-Requested-With
cf-bgj: imgq:85,h2pri

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 297 KB
89 KB 97ms
44ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b435afa91964ca7c52a4b3b0c9b63468d04778e8c7c5681567e05e7f0aeab23

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1138
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-dash-10-0-119-113
last-modified: Tue, 21 Dec 2021 11:29:09 GMT
server: cloudflare
etag: W/"303850-1640086149432"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=1200
cf-ray: 6c13b5ffe8c7f927-MXP
expires: Tue, 21 Dec 2021 20:22:56 GMT

GET
H2 200 0a09c00d-bc12-442e-adc0-24a3c22460f0.json Show response
cdn.cookielaw.org/consent/0a09c00d-bc12-442e-adc0-24a3c22460f0/ 3 KB
2 KB 40ms
24ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0a09c00d-bc12-442e-adc0-24a3c22460f0/0a09c00d-bc12-442e-adc0-24a3c22460f0.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3f540f2da10138955b1a4a1be27a9112c9648e75979157ac2293ef4de77f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HG7yzMnYcj18HKxbHzjSUA==
age: 6859
vary: Accept-Encoding
content-length: 1319
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 18:51:36 GMT
server: cloudflare
etag: 0x8D9B3694558A75E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5d67de4e-c01e-0069-5b6e-e5874a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c13b5ffcd495bfd-FRA
expires: Wed, 22 Dec 2021 00:02:56 GMT

GET
H2 200 cheatsheet.5e6b4b9a8f1e5b6767f7.css
assets.thedailybeast.com/static/css/ 93 KB
16 KB 65ms
65ms Stylesheet
text/css 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/css/cheatsheet.5e6b4b9a8f1e5b6767f7.css

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

176038b9214a0315a6206427b6d15ee5422ae3f706120b89691557e6ee5dccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 444596
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 16:24:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"172e3-17dc40f5170"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c13b5ffba7259ad-MXP
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/8da38e9a/ Frame D0EE 338 KB
47 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 23:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 333630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47369
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Dec 2022 23:22:26 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/ Frame D0EE 226 KB
73 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0496ff7b5e02ba5dcf004405c2b4eba9e66d7a89002346aa17ea3c1b4311806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 08:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74819
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Dec 2022 08:16:57 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame D0EE 2 MB
529 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d4a5a8296ca52691fde29abc2b8cd81c06ce8717a4b703ef1221bcd01e1d8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 23:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 333630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 540837
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Dec 2022 23:22:26 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8da38e9a/fetch-polyfill.vflset/ Frame D0EE 8 KB
3 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 19:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Dec 2022 19:36:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D0EE 15 KB
16 KB 35ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 10575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 17:06:41 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
398 B 54ms
24ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c13b600183d4ee0-FRA

GET
H2 200 Druk-MediumItalic-Web.5b9086a7.woff2
assets.thedailybeast.com/static/media/ 28 KB
28 KB 74ms
40ms Font
application/font-woff2 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/media/Druk-MediumItalic-Web.5b9086a7.woff2

Requested by

Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/css/cheatsheet.5e6b4b9a8f1e5b6767f7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

849f8b047c822420e2f6a7b841a5184b681bab490caa0e7ce27e96efb09974dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.thedailybeast.com/static/css/cheatsheet.5e6b4b9a8f1e5b6767f7.css
Origin: https://www.thedailybeast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21391068
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
content-length: 28609
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Apr 2021 19:00:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6fc1-178dc0e9b00"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/font-woff2
access-control-allow-origin: https://www.thedailybeast.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c13b600eff24e1a-FRA
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H2 200 DrukText-Medium-Web.896bb8b2.woff2
assets.thedailybeast.com/static/media/ 36 KB
37 KB 63ms
32ms Font
application/font-woff2 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thedailybeast.com/static/media/DrukText-Medium-Web.896bb8b2.woff2

Requested by

Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/css/cheatsheet.5e6b4b9a8f1e5b6767f7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0759631728d5640f62a632e4d2c7146cebd454319bbcb92349a00de40f05911

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.thedailybeast.com/static/css/cheatsheet.5e6b4b9a8f1e5b6767f7.css
Origin: https://www.thedailybeast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23664656
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
content-length: 36993
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Mar 2021 15:59:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9081-1785aa9a2d0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/font-woff2
access-control-allow-origin: https://www.thedailybeast.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c13b600eff44e1a-FRA
expires: Wed, 21 Dec 2022 20:02:56 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
512 B 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/js/cheatsheet.8eb6f0a964abcfa662f2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8002dace9aa6d2f5a60968e10897ec4b45e698b2851a22320a6cb5f7df42c67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires: Tue, 21 Dec 2021 20:02:56 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 121 KB
43 KB 56ms
8ms Script
application/javascript 13.32.21.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/js/cheatsheet.8eb6f0a964abcfa662f2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 19:57:35 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 04:22:34 GMT
server: AmazonS3
age: 322
etag: W/"b22b4f4738e8722be1636447be239da2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cache-control: max-age=600; must-revalidate
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: iAblAFBzYfgCSPBf5ETCVPDaFzEs2ep1U0uG2rAxOY0oZDF9yBn7fw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
970 B 40ms
16ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/js/cheatsheet.8eb6f0a964abcfa662f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5844d119b0d7d2d0f427bb92c5e16959b51f66509c63bf2f44a4795d7886537

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557
x-xss-protection: 1; mode=block
expires: Tue, 21 Dec 2021 20:02:56 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D0EE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

30ms
15ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

836bca9eeddd2e697541a86fc3a6be0bf4b5286bb255c3dd65d9621df24fa342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Dec 2021 20:02:56 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D0EE 29 B
588 B 44ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 19:57:15 GMT
x-content-type-options: nosniff
age: 341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Dec 2021 20:12:15 GMT

GET
H2 200 graphql Show response
graphql-prod.thedailybeast.com/ 8 KB
3 KB 190ms
190ms Fetch
application/json 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql-prod.thedailybeast.com/graphql?operationName=getCheat&variables=%7B%22slug%22%3A%22hate-crime-charges-dropped-against-bordentown-nj-ex-police-chief-frank-nucera-jr%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%225a9dd684214198bbddb34c87907f639409007e9c1357ef5ca3f062fd8e4947d6%22%7D%7D
Requested by: Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/js/cheatsheet.8eb6f0a964abcfa662f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f897b3ffb9fe484b4ead8f4e51c11fcc0c0e18365a89d4638749ed56d438e787

Request headers

accept: */*
Referer: https://www.thedailybeast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
apollographql-client-name: tdb-apollo-client
content-type: application/json

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-pts-cached: cheat,Cheat,Media
server: cloudflare
x-powered-by: Express
etag: W/"1ef7-f8kdvWL+lBSmWQzKgqBEAiycLYE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-pts-revision: a2ff9aaa4f07dcd11c5e54ded969e32dd42f274d
cf-ray: 6c13b603fdd64e1a-FRA
cf-cache-status: EXPIRED
x-pts-host: prod-pts-79dd4f656-b46sd

GET
H2 200 graphql Show response
graphql-prod.thedailybeast.com/ 10 KB
3 KB 471ms
469ms Fetch
application/json 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql-prod.thedailybeast.com/graphql?operationName=getCheat&variables=%7B%22slug%22%3A%22get-coffee-house-style-espresso-at-home-with-these-nespresso-deals%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%225a9dd684214198bbddb34c87907f639409007e9c1357ef5ca3f062fd8e4947d6%22%7D%7D
Requested by: Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/js/cheatsheet.8eb6f0a964abcfa662f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f75944426217b7aa35bfc63c77376c3e6b9a9ea31dcd5ccf8a40995809aaba09

Request headers

accept: */*
Referer: https://www.thedailybeast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
apollographql-client-name: tdb-apollo-client
content-type: application/json

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-pts-cached
server: cloudflare
x-powered-by: Express
etag: W/"297e-xu8fyPv/xzVeJ+lyhh+M4QHZgeA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-pts-revision: a2ff9aaa4f07dcd11c5e54ded969e32dd42f274d
cf-ray: 6c13b6027ac04e1a-FRA
cf-cache-status: EXPIRED
x-pts-host: prod-pts-79dd4f656-mrpvb

GET
H2 200 graphql Show response
graphql-prod.thedailybeast.com/ 8 KB
2 KB 481ms
479ms Fetch
application/json 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql-prod.thedailybeast.com/graphql?operationName=getCheat&variables=%7B%22slug%22%3A%22convicted-arsonist-jeramie-simmons-named-acting-chief-of-saint-clair-county-illinois-fire-department%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%225a9dd684214198bbddb34c87907f639409007e9c1357ef5ca3f062fd8e4947d6%22%7D%7D
Requested by: Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/js/cheatsheet.8eb6f0a964abcfa662f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e9d55cd190ee2379564bf06d591119e2412086aa9f738c8090c84a508594d13

Request headers

accept: */*
Referer: https://www.thedailybeast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
apollographql-client-name: tdb-apollo-client
content-type: application/json

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-pts-cached
server: cloudflare
x-powered-by: Express
etag: W/"2059-SVrwRf0pBOPgCABxczIo7fUbMSw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-pts-revision: a2ff9aaa4f07dcd11c5e54ded969e32dd42f274d
cf-ray: 6c13b6029afc4e1a-FRA
cf-cache-status: EXPIRED
x-pts-host: prod-pts-79dd4f656-zcx86

OPTIONS
H2 204 graphql
graphql-prod.thedailybeast.com/ Frame 0
0 403ms
393ms Preflight 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql-prod.thedailybeast.com/graphql?operationName=getCheat&variables=%7B%22slug%22%3A%22hate-crime-charges-dropped-against-bordentown-nj-ex-police-chief-frank-nucera-jr%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%225a9dd684214198bbddb34c87907f639409007e9c1357ef5ca3f062fd8e4947d6%22%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: apollographql-client-name,content-type
Origin: https://www.thedailybeast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-length: 0
access-control-allow-headers: apollographql-client-name,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 300
vary: Access-Control-Request-Headers
x-powered-by: Express
x-pts-host: prod-pts-79dd4f656-b46sd
x-pts-revision: a2ff9aaa4f07dcd11c5e54ded969e32dd42f274d
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c13b60189234e1a-FRA

GET
H2 200 graphql Show response
graphql-prod.thedailybeast.com/ 9 KB
3 KB 190ms
184ms Fetch
application/json 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql-prod.thedailybeast.com/graphql?operationName=latest&variables=%7B%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22d90a3001ba350f918439c4831366ef395c01c3d6d437033cc5c7d20e45e4ddfb%22%7D%7D
Requested by: Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/js/cheatsheet.8eb6f0a964abcfa662f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dd78b50687d7029638db787a8084f0ff857b2841afeabb8ac878710809680a59

Request headers

accept: */*
Referer: https://www.thedailybeast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
apollographql-client-name: tdb-apollo-client
content-type: application/json

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-pts-cached: Article
server: cloudflare
x-powered-by: Express
etag: W/"22d4-wC8lAJ1lha9wua0PpRbxMkFOqRg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-pts-revision: a2ff9aaa4f07dcd11c5e54ded969e32dd42f274d
cf-ray: 6c13b6027abc4e1a-FRA
cf-cache-status: EXPIRED
x-pts-host: prod-pts-79dd4f656-zcx86

OPTIONS
H2 204 graphql
graphql-prod.thedailybeast.com/ Frame 0
0 148ms
139ms Preflight 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql-prod.thedailybeast.com/graphql?operationName=getCheat&variables=%7B%22slug%22%3A%22get-coffee-house-style-espresso-at-home-with-these-nespresso-deals%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%225a9dd684214198bbddb34c87907f639409007e9c1357ef5ca3f062fd8e4947d6%22%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: apollographql-client-name,content-type
Origin: https://www.thedailybeast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-length: 0
access-control-allow-headers: apollographql-client-name,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 300
vary: Access-Control-Request-Headers
x-powered-by: Express
x-pts-host: prod-pts-79dd4f656-g4bdz
x-pts-revision: a2ff9aaa4f07dcd11c5e54ded969e32dd42f274d
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c13b601891a4e1a-FRA

OPTIONS
H2 204 graphql
graphql-prod.thedailybeast.com/ Frame 0
0 171ms
162ms Preflight 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql-prod.thedailybeast.com/graphql?operationName=getCheat&variables=%7B%22slug%22%3A%22convicted-arsonist-jeramie-simmons-named-acting-chief-of-saint-clair-county-illinois-fire-department%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%225a9dd684214198bbddb34c87907f639409007e9c1357ef5ca3f062fd8e4947d6%22%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: apollographql-client-name,content-type
Origin: https://www.thedailybeast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-length: 0
access-control-allow-headers: apollographql-client-name,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 300
vary: Access-Control-Request-Headers
x-powered-by: Express
x-pts-host: prod-pts-79dd4f656-mrpvb
x-pts-revision: a2ff9aaa4f07dcd11c5e54ded969e32dd42f274d
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c13b601891f4e1a-FRA

OPTIONS
H2 204 graphql
graphql-prod.thedailybeast.com/ Frame 0
0 146ms
137ms Preflight 2606:4700::6812:ca3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql-prod.thedailybeast.com/graphql?operationName=latest&variables=%7B%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22d90a3001ba350f918439c4831366ef395c01c3d6d437033cc5c7d20e45e4ddfb%22%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:ca3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: apollographql-client-name,content-type
Origin: https://www.thedailybeast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-length: 0
access-control-allow-headers: apollographql-client-name,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 300
vary: Access-Control-Request-Headers
x-powered-by: Express
x-pts-host: prod-pts-79dd4f656-b46sd
x-pts-revision: a2ff9aaa4f07dcd11c5e54ded969e32dd42f274d
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c13b60189224e1a-FRA

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame D0EE 94 KB
29 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc328eeaf800bfc497c691f3d92a67891dc61368e72111f0c1a02c7fe37d702b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 23:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 333116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29815
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Dec 2022 23:31:00 GMT

GET
H3 200 _5cMNwgFbhqFzysIXU1z-fdfZ3ZelUNkfvkSZuNNDpg.js Show response
www.google.com/js/th/ Frame D0EE 35 KB
13 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/_5cMNwgFbhqFzysIXU1z-fdfZ3ZelUNkfvkSZuNNDpg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff970c3708056e1a85cf2b085d4d73f9f75f67765e9543647ef91266e34d0e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 18 Dec 2021 21:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13294
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 21:12:27 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame D0EE 26 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71f4a6b13f5d5b9c56c3c3e769b5914c7e5738b295477d9c42caa75101a1ec06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 23:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 333627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Dec 2022 23:22:29 GMT

GET
DATA 200
OK truncated
/ Frame D0EE 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vQ24fxLYwWWN28dS6cpbbjppey3CXKSCoXc6qO0QZdKClwAamI80frFRktb6TX1E1tV4_eh6Fg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D0EE 3 KB
3 KB 44ms
7ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/vQ24fxLYwWWN28dS6cpbbjppey3CXKSCoXc6qO0QZdKClwAamI80frFRktb6TX1E1tV4_eh6Fg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

06ac35460e773b66a9b20b64c1aa9815f80d95c08e913a2e416e31a6eeeda3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 17:19:13 GMT
x-content-type-options: nosniff
age: 9823
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2662
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 20:17:04 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/7hNqoQ8T4d0/ Frame D0EE 86 KB
87 KB 59ms
8ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7hNqoQ8T4d0/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9a13f9f9a762b95d2c282735be209d0cd61fdf101ce8ce70a55d9a185cb3eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 19:58:19 GMT
x-content-type-options: nosniff
age: 278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88193
x-xss-protection: 0
server: sffe
etag: "1640106498"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Dec 2021 20:03:19 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.25.0/ 318 KB
76 KB 13ms
13ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Dec 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wv3c0qnkBhaWE//T4i2BGA==
age: 4646603
vary: Accept-Encoding
content-length: 77456
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:46 GMT
server: cloudflare
etag: 0x8D9957C5F8AA42D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c7192146-801e-00c4-7e63-cca720000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c13b6021bd45c20-FRA

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
419 B 157ms
147ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=SrmTGdXwNo

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99a6c448844dc06afda36e14e7752317ee1b13e56f6c3839bba95c7d1124d199

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cxceh4rOIJl
pragma
wn: prod-dash-10-0-120-115
last-modified: Tue, 21 Dec 2021 19:55:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.002
cache-control: public, max-age=1200
cf-ray: 6c13b6025d48f927-MXP
expires: Tue, 21 Dec 2021 20:22:57 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 22 KB
6 KB 39ms
9ms Script
application/x-javascript 2a02:26f0:7100:2ab::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:2ab::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 20:02:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 14:49:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5864
Expires: Tue, 21 Dec 2021 21:02:57 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/8da38e9a/www-widgetapi.vflset/ 149 KB
48 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5071f1b82cf34198f13d9c727f4705d7a4daa61723adacfcd7123abcb4b3c4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 19:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49407
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Dec 2022 19:54:23 GMT

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 173 B
956 B 179ms
170ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jsonp9024&client_id=SrmTGdXwNo&site=https%3A%2F%2Fwww.thedailybeast.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eac5b5f4af09b352a942f0c3e7535de7e5b42b63e9d7a2265a343c359013f50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cxceh4rs9qT
pragma: no-cache
wn: prod-id-10-0-136-149
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.004
cf-ray: 6c13b602ce51f927-MXP
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 348 KB
137 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedailybeast.com/
Origin: https://www.thedailybeast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 17:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 21 Dec 2022 17:53:20 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
495 B 100ms
100ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 77d4359597a7dcf6d876b021f31fc81b19597fac3c065e9320529b000083b728

Request headers

x-lib-version: v1.0.1
Accept-Language: de-DE,de;q=0.9
authorization: Bearer 4d0bf245754e61f146746de0ba7d2f93
content-type: application/json
accept: application/json
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
x-referring-url: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 194
allowedmethods: GET,OPTIONS
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 304ms
97ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Origin: https://www.thedailybeast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://www.thedailybeast.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 72 KB
23 KB 11ms
11ms Script
application/x-javascript 2a02:26f0:7100:2ab::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:2ab::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b9ce18d34da826f96811b05b2ba7c769b6ab3edc0d54565dded9c52aa01d38db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 20:02:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 11:29:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22975
Expires: Tue, 21 Dec 2021 21:02:57 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/0a09c00d-bc12-442e-adc0-24a3c22460f0/c45b450b-28a5-4010-900d-5aa919ecf76f/ 73 KB
16 KB 18ms
18ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0a09c00d-bc12-442e-adc0-24a3c22460f0/c45b450b-28a5-4010-900d-5aa919ecf76f/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc141398f189fb6ff2d337775206f2ad1bc0934033da5d7673990845071ff96c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5BCkDUoIKrKVAYII+lQmlA==
age: 6857
vary: Accept-Encoding
content-length: 16306
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 18:51:47 GMT
server: cloudflare
etag: 0x8D9B3694BEF9BC1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8600276f-d01e-005f-7d6e-e52a18000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c13b602fd695bfd-FRA
expires: Wed, 22 Dec 2021 00:02:57 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D0EE 4 KB
2 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Dec 2021 20:02:57 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D0EE 0
9 B 11ms
10ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?MGMdHg
Requested by: Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 864D 40 KB
20 KB 27ms
27ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk&co=aHR0cHM6Ly93d3cudGhlZGFpbHliZWFzdC5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=inline&cb=fct3uwsuwt81

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b18b50f2774ea3179d757eaf5a5cbfa991673ebcb7a2d85d0eab8960df418580

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pi5/JsxGrgh2w7WfOdymmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Dec 2021 20:02:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-pi5/JsxGrgh2w7WfOdymmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20935
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/ 13 KB
3 KB 15ms
15ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QAufc0ozHqszfMLxOJh3oA==
age: 6857
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:36 GMT
server: cloudflare
etag: 0x8D9957C59E8C180
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 74b7d8d5-701e-0112-3709-dbaaaf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c13b603ffe15bfd-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/ 47 KB
11 KB 20ms
20ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9E3lVDuBS011aFtnS8Lptg==
age: 6857
vary: Accept-Encoding
content-length: 11581
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:38 GMT
server: cloudflare
etag: 0x8D9957C5B1359BC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 71233e99-301e-0178-8009-dbf604000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c13b603ffe25bfd-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/ 20 KB
4 KB 15ms
15ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 6857
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: fc3b385e-d01e-0136-3f09-db33e1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c13b603ffe45bfd-FRA

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame D0EE 52 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 14:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Wed, 22 Dec 2021 14:57:17 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 30 KB
4 KB 205ms
171ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=SrmTGdXwNo

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9076d5f1843d144889b77fe21594702ce70dfac9ceb95483587c81801a664aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.thedailybeast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 9kk8qy6zrh
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.thedailybeast.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6c13b6044c466907-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 864D 51 KB
24 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk&co=aHR0cHM6Ly93d3cudGhlZGFpbHliZWFzdC5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=inline&cb=fct3uwsuwt81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 12:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 21 Dec 2022 12:04:23 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 864D 348 KB
136 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 17:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 21 Dec 2022 17:53:20 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 864D 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk&co=aHR0cHM6Ly93d3cudGhlZGFpbHliZWFzdC5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=inline&cb=fct3uwsuwt81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 21 Dec 2021 20:02:57 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 1E8F 720 B
755 B 21ms
21ms Document
text/html 2a02:26f0:7100:2ab::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:2ab::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fb8b0b368f77ad52f888b50575c415e1807efeae70f4ee1f38e5606319bc5b02

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/

Response headers

Accept-Ranges: bytes
Last-Modified: Tue, 14 Dec 2021 07:11:25 GMT
Server: AkamaiNetStorage
Content-Length: 385
Cache-Control: max-age=864000
Expires: Fri, 31 Dec 2021 20:02:57 GMT
Date: Tue, 21 Dec 2021 20:02:57 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/1.4.0/ 11 KB
5 KB 148ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/1.4.0/postscribe.min.js

Requested by

Host: assets.thedailybeast.com
URL: https://assets.thedailybeast.com/static/js/cheatsheet.8eb6f0a964abcfa662f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cc0720a0f6f6ce2f2e333c57e5e8f61dc9d9e40001fab61f62a55259ac93057

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1614907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3838
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-2b86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvNuQh8I6CGaDHNIuNsu%2BIIpvitRNR7RW0zVYB9AMMnxC8tZXbA8%2FFHCNBw9EuFme1bQ1WVkowUAvhzIQP4CWHHJ2R6M00LepxvP6ymsdF%2F8dDTyZYJadWt8KKWa6F1X1CTXx5igYc%2BvI1nRItAbQlkS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c13b6072e98839d-MXP
expires: Sun, 11 Dec 2022 20:02:57 GMT

GET
H2 200 Screen_Shot_2021-12-20_at_5.29.05_PM_hwfo33
img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_852,w_1514,x_0,y_0/dpr_2.0/c_limit,h_251/fl_lossy,q_auto/v1640050172/ 26 KB
27 KB 67ms
67ms Image
image/webp 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_852,w_1514,x_0,y_0/dpr_2.0/c_limit,h_251/fl_lossy,q_auto/v1640050172/Screen_Shot_2021-12-20_at_5.29.05_PM_hwfo33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 551c5971b1418d08d6f5f73caa5a4c296eff26ceecdf07f420c752b2ab829de3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
cf-cache-status: HIT
age: 36540
cf-polished: qual=85, origFmt=jpeg, origSize=43611
content-disposition: inline; filename="Screen_Shot_2021-12-20_at_5.webp"
server-timing: akam;dur=35;start=2021-12-21T09:53:56.522Z;total=569;desc=miss,rtt;dur=0
content-length: 26868
timing-allow-origin: *
surrogate-key: 359825590359145208102235830597271915887 343309183874383485511680664324471445183 f49c7cde2a4518ed1c0851d89176f74d
last-modified: Tue, 21 Dec 2021 01:33:12 GMT
server: cloudflare
etag: "c33ca8cb4b79feddd20b7cad547b2281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 22 Dec 2022 02:02:57 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 6c13b6067dd359ad-MXP
access-control-allow-headers: X-Requested-With
cf-bgj: imgq:85,h2pri

GET
H2 200 Screen_Shot_2021-12-21_at_1.17.06_PM_ojmds7
img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_525,w_932,x_0,y_11/dpr_1.5/c_limit,w_608/fl_lossy,q_auto/v1640110680/ 33 KB
34 KB 43ms
43ms Image
image/webp 2606:4700::6811:5631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_525,w_932,x_0,y_11/dpr_1.5/c_limit,w_608/fl_lossy,q_auto/v1640110680/Screen_Shot_2021-12-21_at_1.17.06_PM_ojmds7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:5631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cef5da85a5468d704266dece74dab8a9c8b5a20036b9374659ca6ebe24b84d3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
cf-cache-status: HIT
age: 1558
cf-polished: qual=85, origFmt=jpeg, origSize=41819
content-disposition: inline; filename="Screen_Shot_2021-12-21_at_1.webp"
server-timing: akam;dur=4;start=2021-12-21T19:36:59.308Z;total=11;desc=miss,rtt;dur=0
content-length: 34238
timing-allow-origin: *
surrogate-key: 429745718369558748210075346089881816262 399949636557424927727132199908165337745 f49c7cde2a4518ed1c0851d89176f74d
last-modified: Tue, 21 Dec 2021 19:25:43 GMT
server: cloudflare
etag: "967a8f5936d277a1ed7d8e49cdbb64da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 22 Dec 2022 01:55:35 GMT
cache-control: public, max-age=31557158
accept-ranges: bytes
cf-ray: 6c13b6067df359ad-MXP
access-control-allow-headers: X-Requested-With
cf-bgj: imgq:85,h2pri

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3A27 7 KB
1 KB 18ms
18ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e04d6ad2aa9ad9eafa8d4715179e09ea5f3746ee31674fee64f779090edcca3d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tm9DcbBf5c+B7+ZYnjEZgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Dec 2021 20:02:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-tm9DcbBf5c+B7+ZYnjEZgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 1E8F 72 KB
23 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:7100:2ab::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:2ab::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b9ce18d34da826f96811b05b2ba7c769b6ab3edc0d54565dded9c52aa01d38db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 20:02:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 11:29:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22975
Expires: Tue, 21 Dec 2021 21:02:57 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 1E8F 47 B
638 B 71ms
12ms Script
text/javascript 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de715.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 5ed121d956f0536756641c36f420ec55d6e703951b06eb5a78ce0b330996eda5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 20:02:57 GMT
Last-Modified: Mon, 21 Jun 2021 20:02:57 GMT
Server: Jetty(9.4.28.v20200408)
ETag: 10i7x5vcf8zbp2exrfakaigcvn
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: private, proxy-revalidate
Content-Type: text/javascript;charset=utf-8
Content-Length: 47
Expires: Wed, 21 Dec 2022 20:02:57 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 3A27 51 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 12:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 21 Dec 2022 12:04:23 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 3A27 348 KB
136 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 17:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 21 Dec 2022 17:53:20 GMT

GET
H2 200 3946772002 Show response
uw-media.courierpostonline.com/embed/video/ Frame 95C4 66 KB
18 KB 41ms
7ms Document
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/1.4.0/postscribe.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5487ab3bbea8b1a7083491843003f88e2daa3483133e25fee18ff24ae4311bb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/

Response headers

content-type: text/html; charset=utf-8
content-security-policy: upgrade-insecure-requests
x-content-access-type: Metered
x-content-key: 3946772002
x-content-restricted-url: /restricted/?return=https%3A%2F%2Fuw-media.courierpostonline.com%2Fembed%2Fvideo%2F3946772002%3Fplacement%3Dsnow-embed
x-meter-enabled: Yes
x-meter-limit-url: /get-access/?return=https%3A%2F%2Fuw-media.courierpostonline.com%2Fembed%2Fvideo%2F3946772002%3Fplacement%3Dsnow-embed
x-meter-registered-threshold: 5
x-meter-threshold: 5
strict-transport-security: max-age=15724800
content-encoding: gzip
berespttl: 2591243.000
accept-ranges: bytes
date: Tue, 21 Dec 2021 20:02:57 GMT
age: 2803
x-cache: HIT, HIT
x-timer: S1640116978.848874,VS0,VE0
vary: accept-encoding
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.2}
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-length: 17454

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 3A27 36 KB
22 KB 51ms
50ms XHR
application/json 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dc3322656b2a153176074fa238b9ec43840b3b786abed33d9543e0f5de88dcd4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22419
x-xss-protection: 1; mode=block
expires: Tue, 21 Dec 2021 20:02:57 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 95C4 222 B
589 B 33ms
7ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=default,fetch,Array.prototype.find,IntersectionObserver,IntersectionObserverEntry,Intl,Intl.~locale.en-US

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2920305
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Nov 2021 05:39:42 GMT
date: Tue, 21 Dec 2021 20:02:57 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gallium.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ Frame 95C4 11 KB
4 KB 33ms
7ms Script
application/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8316b30cd300b89eea8ae9ab09d4f562cc1ecd574847f0cc2d4f13a4d68a0a5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://uw-media.courierpostonline.com/
Origin: https://uw-media.courierpostonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
age: 2234
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3519
x-served-by: cache-bwi5153-BWI, cache-hhn4029-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1640116978.892807,VS0,VE0
etag: "df02a7ee4d2bfdcf889bf3ef159540e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 2

GET
H2 200 custom-elements-es5-adapter.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ Frame 95C4 938 B
827 B 15ms
8ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/custom-elements-es5-adapter.js

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
age: 599272
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 493
x-served-by: cache-bwi5132-BWI, cache-hhn4080-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1640116978.874639,VS0,VE0
etag: "8af5f1900788253d8384715a01425ab7"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 3, 2

GET
H2 200 story.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/ Frame 95C4 483 KB
115 KB 33ms
7ms Script
application/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea4b20ea635165cdbbecab9b7b486f13b81e9b21cb35d4537a6bbe75faea14e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://uw-media.courierpostonline.com/
Origin: https://uw-media.courierpostonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
age: 2234
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 117910
x-served-by: cache-bwi5122-BWI, cache-hhn4029-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1640116978.892964,VS0,VE0
etag: "d37b24d18e85bd6de0aed425350dc91f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 2

GET
H2 200 336871bf-8856-45b8-84f3-0cd625e44ff8-956aa6bb-333a-45c8-81f8-af7a76424352_thumbnail.png
www.gannett-cdn.com/presto/2019/10/11/PCHH/ Frame 95C4 262 KB
263 KB 27ms
20ms Image
image/png 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2019/10/11/PCHH/336871bf-8856-45b8-84f3-0cd625e44ff8-956aa6bb-333a-45c8-81f8-af7a76424352_thumbnail.png?crop=480%2C480%2Cx180%2Cy0&quality=10

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2cacedf31b96f2386162d6fb477ffe5c1c60e7d8a6cace4dfd49897f0099b0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=xdKZKg==, md5=92AIMVZxXtZaM21aUQjOow==
date: Tue, 21 Dec 2021 20:02:57 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2874681
x-guploader-uploadid: ADPycdvtpeEtl4iIHj2mg5XFCxGEcsVxtTWf_uId1BYTsmhPE2aPIyAO5BOzqNUThU3lENOSKbX7XQsg-84b1Etf3JtK2TC1LA
x-cache: HIT, HIT, HIT
fastly-io-info: ifsz=526312 idim=720x480 ifmt=png ofsz=268724 odim=480x480 ofmt=png
x-goog-storage-class: NEARLINE
fastly-stats: io=1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 268724
x-served-by: cache-bwi5132-BWI, cache-iad-kiad7000123-IAD, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
server: UploadServer
x-timer: S1640116978.912776,VS0,VE2
etag: "tVL4PMEbCplbGzxnCVbzj7Do6VHOiItwsu7H8sHG8k0"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/png
access-control-allow-origin: *
expires: Thu, 18 Nov 2021 13:31:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1, 1

GET
H2 200 tealplayer-1e4fcc2d.min.css
www.gannett-cdn.com/gannett-web/apps/teal/dist/ Frame 95C4 8 KB
2 KB 16ms
8ms Stylesheet
text/css 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/teal/dist/tealplayer-1e4fcc2d.min.css

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8b333699fb919b7eb3f0a7aff089a5b68b9389a47fc173ce5bd9ca84041d1e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=urRvpA==, md5=NHcxMg2nDL/TQyiPzM7Ybw==
date: Tue, 21 Dec 2021 20:02:57 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 798096
x-amz-meta-goog-reserved-file-mtime: 1630678553
x-guploader-uploadid: ADPycdur19YGIMsCJ0Bm8K_mVUV2xf9VRK8ZQztf77jVIc39h4NmTTpoqRjbSybOpk8AVYzz8KHe0yyqzIvQSauGmJQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-length: 1687
x-served-by: cache-bwi5182-BWI, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified: Fri, 03 Sep 2021 14:16:58 GMT
server: UploadServer
x-timer: S1640116978.912064,VS0,VE0
etag: "347731320da70cbfd343288fccced86f"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, immutable, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 7

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 95C4 375 KB
124 KB 54ms
16ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126523
x-xss-protection: 0
expires: Tue, 21 Dec 2021 20:02:57 GMT

GET
H2 200 hls.0.14.9.min.js Show response
www.gannett-cdn.com/gannett-web/apps/teal/dist/vendor/hls/ Frame 95C4 234 KB
60 KB 21ms
14ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/teal/dist/vendor/hls/hls.0.14.9.min.js

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a6ab3d025d76e18b3c5b3eaf86c8c64151f1ce4348244650c9a229d45316a9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=04gOQQ==, md5=j9vq4UIMZ0WSKC7Zx+/S4g==
date: Tue, 21 Dec 2021 20:02:57 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 4709203
x-amz-meta-goog-reserved-file-mtime: 1618514148
x-guploader-uploadid: ADPycdtC6rhoikhoMJGE--eWB9sRdSvkXgDqPBlbEU0XDwCmSTB4CRO1-hs3S3A_BmeOQRNxsJ2W8L_eArQOi8cJ0tQHi5dCig
x-cache: HIT, HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-length: 60647
x-served-by: cache-bwi5120-BWI, cache-iad-kiad7000049-IAD, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified: Thu, 15 Apr 2021 19:16:55 GMT
server: UploadServer
x-timer: S1640116978.912765,VS0,VE0
etag: "8fdbeae1420c674592282ed9c7efd2e2"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, immutable, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1450, 8

GET
H2 200 bundle-aa8b905a.min.js Show response
www.gannett-cdn.com/gannett-web/apps/teal/dist/ Frame 95C4 153 KB
40 KB 16ms
9ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/teal/dist/bundle-aa8b905a.min.js

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

dfe2fdbfa5dab704223f15fac0a4c9ee39e2fb20aeec806b910888f5d4248fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=db0Kqg==, md5=QK7m+NHJMwCOIC8XXRiCFw==
date: Tue, 21 Dec 2021 20:02:57 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 3461331
x-amz-meta-goog-reserved-file-mtime: 1634665495
x-guploader-uploadid: ADPycdtCDnPCI7A3NJx5vp-GvLTVXFhbTuh2YiTAlO3EMP_niEJNRcb3Uka_ujgEX6TKWKs5NMo4NNTBIClnz6Qlu6sQRr_SMQ
x-cache: HIT, HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-length: 40312
x-served-by: cache-bwi5127-BWI, cache-iad-kjyo7100145-IAD, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified: Tue, 19 Oct 2021 17:45:59 GMT
server: UploadServer
x-timer: S1640116978.912178,VS0,VE0
etag: "40aee6f8d1c933008e202f175d188217"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, immutable, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 100, 7

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 1E8F 43 B
468 B 50ms
15ms Image
image/gif 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.1.3&typ=pgv&rnd=kxgjausbef45s5ge&sid=1137431972075209946&loc=https%3A%2F%2Fwww.thedailybeast.com%2Fbill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster&new=1&arf=0&ltm=1640116977199&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kxgjav7xnnqisxa0&ckp=kxgjaus8cmw44tgt&glb=&cp_userState=anon&cst=10i7x5vcf8zbp2exrfakaigcvn
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de715.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 20:02:57 GMT
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 117 B
690 B 53ms
18ms Script
text/javascript 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kxgjaus8cmw44tgt%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2210i7x5vcf8zbp2exrfakaigcvn%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2210i7x5vcf8zbp2exrfakaigcvn%22%7D%5D%2C%22siteId%22%3A%221137431972075209946%22%2C%22location%22%3A%22https%3A%2F%2Fwww.thedailybeast.com%2Fbill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster%22%7D&callback=cXJsonpCBkxgjavgva537n63v

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de715.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

58d54434f258ec7a5820fd441533f0db9bbfc89970e23b96843920394f336787

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedailybeast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Dec 2021 20:02:57 GMT
X-Content-Type-Options: nosniff
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/javascript;charset=utf-8
Content-Length: 117
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 partner.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ Frame 95C4 62 KB
14 KB 10ms
9ms Script
application/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e629f1692b6fc26f42e7185b2a4dce27414757f21cfd9e4896cf7ad1e2ffa7d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
Origin: https://uw-media.courierpostonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
age: 2234
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 14242
x-served-by: cache-bwi5131-BWI, cache-hhn4029-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1640116978.906536,VS0,VE0
etag: "5a1550709b88ec618c523015c6e68c3a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 2

GET
H2 200 utils.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ Frame 95C4 17 KB
5 KB 10ms
10ms Script
application/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Requested by

Host: www.thedailybeast.com
URL: https://www.thedailybeast.com/bill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

58c9693215e0691737fe1ce4a66b7ea4af7f4f06319dd981d0cedbe0c6a3b50e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
Origin: https://uw-media.courierpostonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
content-encoding: gzip
age: 2234
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4759
x-served-by: cache-bwi5133-BWI, cache-hhn4029-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1640116978.906679,VS0,VE0
etag: "2cc0a0cfcff64856f0a7b6df7b8ae147"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 2

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 3A27 600 B
624 B 7ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 19:52:10 GMT
x-content-type-options: nosniff
age: 647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 28 Dec 2021 19:52:10 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 3A27 530 B
554 B 8ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:44:53 GMT
x-content-type-options: nosniff
age: 569884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 22 Dec 2021 05:44:53 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 3A27 665 B
689 B 7ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 11:26:47 GMT
x-content-type-options: nosniff
age: 549370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 22 Dec 2021 11:26:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3A27 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 10576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3A27 15 KB
15 KB 27ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 21:19:14 GMT
x-content-type-options: nosniff
age: 81823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 20 Dec 2022 21:19:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3A27 15 KB
15 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 14:17:54 GMT
x-content-type-options: nosniff
age: 20703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 14:17:54 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 3A27 23 KB
23 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq241-LXwUeIOzIlAGm-0Ga_wUmdBVcb1U5cjYvjwUGPmw43oKvJQve91Gf_wORuiRgQMvxBYcibJOsYm9iLvy4-FsUxXVToLy8WOgi04--xSbNbGP1j7LWqJ2c9Q_wldtxSaC1PMACfVeRFb607GwW4hfT1AehD6nWyYoQDwXpjEBcbSiEWliqy3RLTIVGGzUWh755Xtpru1qQR75puP2lREKAVkeA&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dd1658348a0fc4888d59a27c0496d288aa749f5d151336ef80c2c1e4dc965ae5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LfN6RsUAAAAAMqdTM3jv__3-A-c3s34R02gRGhk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:57 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23607
x-xss-protection: 1; mode=block
expires: Tue, 21 Dec 2021 20:02:57 GMT

GET
H2 200 streamsense-5.1.1.160316.min.js Show response
www.gannett-cdn.com/gannett-web/apps/teal/dist/vendor/comscore/ Frame 95C4 88 KB
15 KB 8ms
7ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/teal/dist/vendor/comscore/streamsense-5.1.1.160316.min.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gannett-web/apps/teal/dist/bundle-aa8b905a.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=0ca1vg==, md5=oMYFmalRKmTWyqkSbPV95A==
date: Tue, 21 Dec 2021 20:02:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 3507258
x-amz-meta-goog-reserved-file-mtime: 1564523890
x-guploader-uploadid: ADPycdvELmiz6zO1v7SYsFM13aF1YY1ZUH7WbDeoiEBbCLy_400C-URe_82qtV9VRPM34LWHISZ9zK900oyBor82cdQ
x-cache: HIT, HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-length: 14269
x-served-by: cache-bwi5161-BWI, cache-iad-kiad7000126-IAD, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified: Tue, 30 Jul 2019 21:59:07 GMT
server: UploadServer
x-timer: S1640116978.009697,VS0,VE0
etag: "a0c60599a9512a64d6caa9126cf57de4"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, immutable, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 9705, 7

GET
H2 200 p.js Show response
cdn.parsely.com/keys/usatoday.com/ Frame 95C4 71 KB
25 KB 40ms
9ms Script
application/javascript 65.9.7.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/usatoday.com/p.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gannett-web/apps/teal/dist/bundle-aa8b905a.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.60 Altamonte Springs, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Tue, 21 Dec 2021 01:59:59 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 14:30:41 GMT
server: nginx
age: 64979
etag: W/"609be691-11d9d"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mMOux10EXHzuRt3v4T2lJcKaM4y3Y2ZyX385asaMBR4_9RhTN23siA==
expires: Wed, 22 Dec 2021 01:59:59 GMT

GET
H2 200 main.js Show response
www.gannett-cdn.com/dcjs/prod/ Frame 95C4 143 KB
45 KB 7ms
7ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcjs/prod/main.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gannett-web/apps/teal/dist/bundle-aa8b905a.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7fa4aa0ac8c3337c88e8f7e01bf4abbd53807b22d7e406e0e40338905e67d605

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=huvcNQ==, md5=20i5mwPXqrVIHJ9XC+MThg==
date: Tue, 21 Dec 2021 20:02:58 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 256
x-amz-meta-goog-reserved-file-mtime: 1639491922
x-guploader-uploadid: ADPycdtt7gdB1OgiIGl1CDwvU8412gPTXLiOVPV0D-B4F6T4NEVeF8EuYksWDwq6yzI3gO4qfiRvYnn41Yoc2KyaeQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 45329
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kcgs7200041-IAD, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified: Tue, 14 Dec 2021 14:25:40 GMT
server: UploadServer
x-timer: S1640116978.011822,VS0,VE0
etag: "db48b99b03d7aab5481c9f570be31386"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 21 Dec 2021 19:38:42 GMT
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 6

GET
H2 200 UnifySans_W_SBd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ Frame 95C4 17 KB
18 KB 8ms
7ms Font
binary/octet-stream 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_SBd.woff2

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://uw-media.courierpostonline.com/
Origin: https://uw-media.courierpostonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 2233
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 17876
x-served-by: cache-bwi5128-BWI, cache-hhn4029-HHN
server: AmazonS3
x-timer: S1640116978.015408,VS0,VE0
etag: "eec61fc37ea7dff16e6503e33ab66949"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 2

GET
H2 200 UnifySans_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ Frame 95C4 16 KB
16 KB 9ms
8ms Font
binary/octet-stream 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Rg.woff2

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://uw-media.courierpostonline.com/
Origin: https://uw-media.courierpostonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 2232
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 16620
x-served-by: cache-bwi5180-BWI, cache-hhn4029-HHN
server: AmazonS3
x-timer: S1640116978.015519,VS0,VE0
etag: "3813aba0274244941c060a0cba29c5a2"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 2

GET
H2 200 UnifySans_W_Bd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ Frame 95C4 18 KB
18 KB 8ms
8ms Font
binary/octet-stream 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Bd.woff2

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://uw-media.courierpostonline.com/
Origin: https://uw-media.courierpostonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 2232
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 17984
x-served-by: cache-bwi5175-BWI, cache-hhn4029-HHN
server: AmazonS3
x-timer: S1640116978.015594,VS0,VE0
etag: "79f7fee52a3077ef23d7fb327d25836a"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 2

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4C6A 598 KB
194 KB 23ms
8ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 15 Dec 2021 00:48:04 GMT
expires: Thu, 15 Dec 2022 00:48:04 GMT
last-modified: Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 587694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 95C4 44 KB
17 KB 106ms
31ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Dec 2021 20:02:58 GMT

GET
H2 200 ias-3.5.1.min.js Show response
www.gannett-cdn.com/gannett-web/apps/teal/dist/vendor/ias/ Frame 95C4 16 KB
6 KB 8ms
8ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/teal/dist/vendor/ias/ias-3.5.1.min.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gannett-web/apps/teal/dist/bundle-aa8b905a.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ec7fb38dc02cbe463429e410e7dc633ce5ab60c62c0315a39402594fbea4bf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=OSp2gg==, md5=LaiRY8nqOrc6SB1Dm0Q/Kg==
date: Tue, 21 Dec 2021 20:02:58 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2384715
x-amz-meta-goog-reserved-file-mtime: 1564518562
x-guploader-uploadid: ADPycdua5crd25DxlPuS3-RU9IjN0TPZpVMsrbBl70kfLSuA1rUuJDR-PeJwBNgQhel1_hgKb0OYqXwIIdj6_XNHyg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-length: 5228
x-served-by: cache-bwi5121-BWI, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified: Tue, 30 Jul 2019 20:30:37 GMT
server: UploadServer
x-timer: S1640116978.037452,VS0,VE1
etag: "2da89163c9ea3ab73a481d439b443f2a"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, immutable, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 7

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 95C4 78 KB
27 KB 66ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1078 / 772 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Dec 2021 20:02:58 GMT

GET
H2 200 adx Show response
securepubads.g.doubleclick.net/gampad/ Frame 95C4 14 B
774 B 109ms
70ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/adx?iu=%2F7103%2Fswg%2Fpts_nj-cherryhill-C1013&sz=1x1&ref=https%3A%2F%2Fwww.thedailybeast.com%2F&cookie=null&c=992459467566416&tile=1&u_tz=0

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d38cc41aec5a64fe9a8032aef6970519b539a00d71399ed47aef25a3a6ddb258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18
x-xss-protection: 0
google-lineitem-id: 4882357635
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138253420736
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://uw-media.courierpostonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pbjsandwich.min.js Show response
www.gannett-cdn.com/partner/vendor/ Frame 95C4 423 KB
130 KB 11ms
11ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3271da988c7430f46ad20bb91d939b399ef1c584b277b0e508e35d1c62cf07c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=dfZVWg==, md5=x9zAtr3mrhCHa4Et3A6mBA==
date: Tue, 21 Dec 2021 20:02:58 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 597097
x-guploader-uploadid: ADPycdu7Pw5ZrWIVkvwNKyxSwHuLzATDC765LCX11I-wUdOFFBydU9qjyfchKhArF8F09agXgjVehtQLqY_NNmncM2JwQEbQPQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 132193
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kcgs7200061-IAD, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified: Tue, 14 Dec 2021 22:09:42 GMT
server: UploadServer
x-timer: S1640116978.045511,VS0,VE0
etag: "c7dcc0b6bde6ae10876b812ddc0ea604"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 22:11:20 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 6

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 95C4 134 KB
36 KB 87ms
24ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 194
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1GV6NP2837QVV0ZHKMYK
date: Tue, 21 Dec 2021 19:59:44 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: sGF4SVNmw1F-ffGTvDWrdeC2ZTyJrpTynd-pf9rneJ33SrFoWJS_cw==

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ Frame 95C4 22 KB
7 KB 48ms
11ms Script
application/javascript 13.32.21.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 16:16:56 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 13563
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: X_pP_COgTKZIys4N1BmfCi7eZxTG2izjgRXq60s5xeV3hxntb79-TQ==

GET
H2 206 1080p_30fps.mp4
downloadmedia.gannett-cdn.com/authoring/video-renditions/956aa6bb-333a-45c8-81f8-af7a76424352/ Frame 95C4 64 KB
0 14ms
8ms Media
video/mp4 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://downloadmedia.gannett-cdn.com/authoring/video-renditions/956aa6bb-333a-45c8-81f8-af7a76424352/1080p_30fps.mp4

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://uw-media.courierpostonline.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

x-goog-hash: crc32c=dJEPqw==, md5=mLMMiC/0bsUqk2hDtsEfmA==
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish, 1.1 varnish
etag: "98b30c882ff46ec52a936843b6c11f98"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1205389
x-guploader-uploadid: ADPycdtJKoQ7PdTlX-371zb3vV9fy36UzaVblsgZYRTZHC9iFAQw9giO8HiX0RQQ_1wkOuCyKGNTJZaVN2JYCHcIIT9iJgApzw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
Content-Length: 43737073
x-served-by: cache-iad-kiad7000074-IAD, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
Content-Range: bytes 0-43737072/43737073
last-modified: Fri, 11 Oct 2019 20:14:13 GMT
server: UploadServer
x-timer: S1640116978.067936,VS0,VE1
date: Tue, 21 Dec 2021 20:02:58 GMT
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: video/mp4
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 21:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2351 37 KB
13 KB 27ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 19:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 21 Dec 2021 20:38:15 GMT

GET
H2 200 iasADX.js Show response
static.adsafeprotected.com/ Frame 95C4 12 KB
4 KB 77ms
9ms Script
application/javascript 2600:9000:211e:4600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasADX.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df9aa20a3dc2c29281028c2a8714d61048ac869232e9c25abc2736a0e944a998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 9iSXvslSMZ6rEQCfatCaThdk8QXdsu7l
content-encoding: gzip
etag: W/"4690977459fac18531cecf0d0078b94d"
age: 226709
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 26 Oct 2020 17:10:12 GMT
server: AmazonS3
date: Sun, 19 Dec 2021 05:04:30 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 4SuWqct29YUNmo1xkhUJjOHmkRzfjel3KpZQXko3YQS5M7Sp75PEog==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ Frame 95C4 43 B
258 B 426ms
98ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1640116978115&plid=686864&idsite=usatoday.com&url=https%3A%2F%2Fuw-media.courierpostonline.com%2Fembed%2Fvideo%2F3946772002%3Fplacement%3Dsnow-embed&urlref=https%3A%2F%2Fwww.thedailybeast.com%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fuw-media.courierpostonline.com%2Fembed%2Fvideo%2F3946772002%3Fplacement%3Dsnow-embed&sref=https%3A%2F%2Fwww.thedailybeast.com%2F&sts=1640116978114&slts=0&title=Watch%3A+Reaction+to+police+chief%27s+trial&date=Tue+Dec+21+2021+20%3A02%3A58+GMT%2B0000+(GMT)&action=pageview&pvid=45680939&u=OPTOUT
Requested by: Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 20:02:58 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 21-Dec-2021 20:02:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 206 1080p_30fps.mp4
downloadmedia.gannett-cdn.com/authoring/video-renditions/956aa6bb-333a-45c8-81f8-af7a76424352/ Frame 95C4 120 KB
120 KB 36ms
36ms Media
video/mp4 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://downloadmedia.gannett-cdn.com/authoring/video-renditions/956aa6bb-333a-45c8-81f8-af7a76424352/1080p_30fps.mp4

Requested by

Host: uw-media.courierpostonline.com
URL: https://uw-media.courierpostonline.com/embed/video/3946772002?placement=snow-embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9b990b7f969605bbfca29b38f06b71f80305a4c44a4bd2e3d0fabb764852c396

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://uw-media.courierpostonline.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=43614208-

Response headers

x-goog-hash: crc32c=dJEPqw==, md5=mLMMiC/0bsUqk2hDtsEfmA==
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish, 1.1 varnish
etag: "98b30c882ff46ec52a936843b6c11f98"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1205389
x-guploader-uploadid: ADPycdtJKoQ7PdTlX-371zb3vV9fy36UzaVblsgZYRTZHC9iFAQw9giO8HiX0RQQ_1wkOuCyKGNTJZaVN2JYCHcIIT9iJgApzw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
Content-Length: 122865
x-served-by: cache-iad-kiad7000074-IAD, cache-hhn4080-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
Content-Range: bytes 43614208-43737072/43737073
last-modified: Fri, 11 Oct 2019 20:14:13 GMT
server: UploadServer
x-timer: S1640116978.122827,VS0,VE1
date: Tue, 21 Dec 2021 20:02:58 GMT
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: video/mp4
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 21:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 PCHH-TEALIUM-UW.json Show response
www.gannett-cdn.com/dcc/prod/ Frame 95C4 57 KB
8 KB 27ms
27ms XHR
application/json 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcc/prod/PCHH-TEALIUM-UW.json

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

badc7352f5dfaaf481301f7e5ed8bb17c1928f55069c8f41421f42ce06de078f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=tAToAw==, md5=plb56n5uMGxYXbcCfip2fQ==
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "a656f9ea7e6e306c585db7027e2a767d"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 218
x-amz-meta-goog-reserved-file-mtime: 1639603139
x-guploader-uploadid: ADPycdumqHfDYwK6NOzSIrZ7jKq6fXGnBmCOa2CdiUysUwrkCuCl293rVqKlH-n-8ukt3z5IgWjvifUQQpyUtz6wv8--JHvlAw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 7139
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kjyo7100109-IAD, cache-hhn4029-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified: Wed, 15 Dec 2021 21:35:52 GMT
server: UploadServer
x-timer: S1640116978.137986,VS0,VE1
date: Tue, 21 Dec 2021 20:02:58 GMT
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
expires: Wed, 15 Dec 2021 22:32:36 GMT
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 95C4 348 KB
117 KB 36ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Dec 2021 20:02:58 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 95C4 6 KB
3 KB 23ms
7ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 18:52:35 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 4224
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
via: 1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: ssFpWwKY8tQeJcTNbXXD90fC-FPBz9XWWmwNRQozk5zSHlOqtGltvQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 95C4 93 B
459 B 7ms
7ms XHR
application/json 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3062&u=https%3A%2F%2Fuw-media.courierpostonline.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3c400ad5b73607711211201f69d6ffb902c9aec91427f35d35ea749757a68928

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uw-media.courierpostonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 19:25:50 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
server: Server
age: 2228
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://uw-media.courierpostonline.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-length: 93
x-amz-cf-id: v-C_RzfSCcLkMgmm-VviHbS_zOF_2R7CiH3Few9h9IPsCr93EjcI4Q==

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D0EE 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7hNqoQ8T4d0?&enablejsapi=1&playsinline=0&autoplay=0
X-YouTube-Client-Version: 1.20211215.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgthcHp2RWEzY0Nncyjw5YiOBg%3D%3D
X-YouTube-Ad-Signals: dt=1640116976853&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C798%2C449&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 21 Dec 2021 20:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 21 Dec 2021 20:02:59 GMT

GET
H2 200 / Show response
id.thedailybeast.com/ 0
316 B 115ms
51ms XHR
text/plain 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.thedailybeast.com/?maxAge=2628000

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.thedailybeast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:03:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: https://www.thedailybeast.com
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
cf-ray: 6c13b615be9d59ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 03:54:28	Name: _GRECAPTCHA Value: 09ABBMTcNLXL50rFAnvgPWkdETcoWY7qXKhzx_cbgPmN7ast-ypvoAoExRdbNonR2R3RVSixVIhJKQCw9hEBHn7AE
www.thedailybeast.com/	1970-01-19 23:35:18	Name: __tdbsesh Value: eyJub3dJbk1pbnV0ZXMiOjI3MzM1MjgyLCJzZXNzaW9uSWQiOiIwODU1ZDM1Yi0yZGViLTRkODAtYTA2MC01ZWIwMTNhMDRhMDAiLCJkZnBCdWNrZXRJZCI6NH0=
www.thedailybeast.com/	1970-01-19 23:35:18	Name: __tdbsesh.sig Value: p1I9MRg-c4WY-g_pebYsBND3Fzo
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7oB2X7T3ntU
.youtube.com/	1970-01-20 03:54:28	Name: VISITOR_INFO1_LIVE Value: apzvEa3cCgs
www.thedailybeast.com/	1970-01-19 23:35:18	Name: sailthru_pageviews Value: 1
.tinypass.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 47064B33A8D932E11B636E236CC6386C
id.tinypass.com/	1970-01-19 23:35:17	Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB776287862631963EA45639467593466FE96E1B94276A67627DB67CC08526BD652A2F8BF9780DFB5E6CCDC1C7F6662C34DDE4550F2
.www.thedailybeast.com/	1970-01-20 08:20:52	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Dec+21+2021+20%3A02%3A57+GMT%2B0000+(GMT)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b66606e5-ed0c-4f13-82e0-e76934c16232&interactionCount=0&landingPath=https%3A%2F%2Fwww.thedailybeast.com%2Fbill-oreilly-says-he-had-to-console-trump-after-maga-fans-booed-him-for-getting-vaccine-booster&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0%2CC0003%3A0
.thedailybeast.com/	1970-01-20 17:06:28	Name: __tbc Value: %7Bkpbx%7DJx8_GV74GWXBBqB1oQoN9MZl55pXGiEfEUIs9JwHpp8
.thedailybeast.com/	1970-01-20 17:06:28	Name: cX_P Value: kxgjaus8cmw44tgt
.thedailybeast.com/	1970-01-20 00:18:28	Name: __pat Value: -18000000
.thedailybeast.com/	1970-01-19 23:36:43	Name: __pvi Value: %7B%22id%22%3A%22v-kxgjausc9jy1swvp%22%2C%22domain%22%3A%22.thedailybeast.com%22%2C%22time%22%3A1640116977543%7D
.thedailybeast.com/	1970-01-20 17:06:28	Name: xbc Value: %7Bkpbx%7DNmWXYPBrUQ6nqOlWSG73XAE6mKgGAirtSMbVTWNV4Av3_HR9cO2gui9AoaLg0WeYmCyvEcVgHxQlwpYDpKR6H-sYnWXCfMAgt5e9aXhoIR6kEJKAeSF8VvoBEkUw-MGpj6CyL2YGy0IE2jIgKy2XLoZ23DdpYSL0wfBXe5OvhCcCrV_AhiOnal5U5TlFOv4V_iHMBiwtv10ZnHqtcpg6KJ5RrgVbNicGq27kWRShuW3uYBDMl9Z3xYMmswdF_N333TCeJ_YC-jkGV5d-54FzG_tnIFHZBLwhN4tXeEAgX6NvEqza3DPsjLlQ50HO4_UuWBjfW5y--F9HGYo8pQlKbXcLwV9ajDBDQiVxBE_hhqbfOV6itgN5lGNeCFT1jybXPZAo0DaR0agIx2im09OyGncEtFABxRpHufb0XKS2RCj2QKWwgs_2wPv3Pn0nuC8EQrA5kdFyYWDvw3eBIE9nVF921YfxBxzMQ_CRoa2NVbiIxo8RGDZvmUifQF0JhcGq_PqpzhdhBagGhwUv7FmH0A
.thedailybeast.com/	1969-12-31 23:59:59	Name: cX_S Value: kxgjav7xnnqisxa0
www.thedailybeast.com/	1970-01-20 08:20:52	Name: sailthru_content Value: 07e78464d5045076810083ae5a221a1f
www.thedailybeast.com/	1970-01-20 08:20:52	Name: sailthru_visitor Value: a770effd-03e3-4ab0-8e99-63e143566da4
.cxense.com/	1970-01-20 08:20:52	Name: gckp Value: 23u9mnjitenb01a8xtdz15ls8u
.thedailybeast.com/	1970-01-20 08:20:52	Name: cX_G Value: cx%3A3dyjb8rriky2xg8coqbwlm1to%3A2h3xhasa2bknd
uw-media.courierpostonline.com/	1970-01-20 00:18:28	Name: user_gsp Value: 67

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.sail-horizon.com
api.sail-personalize.com
assets.thedailybeast.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
cdn.adsafeprotected.com
cdn.cookielaw.org
cdn.cxense.com
cdn.parsely.com
cdn.polyfill.io
cdn.tinypass.com
cdnjs.cloudflare.com
comcluster.cxense.com
cpt-static.gannettdigital.com
downloadmedia.gannett-cdn.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
graphql-prod.thedailybeast.com
i.ytimg.com
id.cxense.com
id.thedailybeast.com
id.tinypass.com
imasdk.googleapis.com
img.thedailybeast.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.doubleclick.net
uw-media.courierpostonline.com
www.gannett-cdn.com
www.google.com
www.gstatic.com
www.thedailybeast.com
www.youtube.com
yt3.ggpht.com
13.32.21.110
13.32.21.128
13.32.29.201
142.250.185.66
151.101.2.62
151.101.66.62
178.63.12.147
2600:9000:211e:4600:8:48e:53c0:93a1
2606:4700:10::6814:b844
2606:4700::6810:135e
2606:4700::6810:9540
2606:4700::6810:f015
2606:4700::6811:5631
2606:4700::6811:b7b1
2606:4700::6811:b9b1
2606:4700::6812:ca3a
2a00:1450:4001:801::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2016
2a00:1450:4001:812::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2006
2a02:26f0:7100:2ab::268b
2a04:4e42:200::282
54.144.144.142
65.9.7.60
99.83.154.140
02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9
06ac35460e773b66a9b20b64c1aa9815f80d95c08e913a2e416e31a6eeeda3f0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
0d3f540f2da10138955b1a4a1be27a9112c9648e75979157ac2293ef4de77f20
13a7ec5e55169668e503b3f3e1601da002e17a5c5bc35496f2d12db6f6c464cd
176038b9214a0315a6206427b6d15ee5422ae3f706120b89691557e6ee5dccf3
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1ca9fea111b69be9566a1bf0ef25f21b1a283fdf33e79d05a23339d434983cc6
1cc0720a0f6f6ce2f2e333c57e5e8f61dc9d9e40001fab61f62a55259ac93057
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2cacedf31b96f2386162d6fb477ffe5c1c60e7d8a6cace4dfd49897f0099b0f6
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
3271da988c7430f46ad20bb91d939b399ef1c584b277b0e508e35d1c62cf07c7
3c400ad5b73607711211201f69d6ffb902c9aec91427f35d35ea749757a68928
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40237423c3896d2082cc2a0a13ca50ec49ce85fae34184e0b08720c7f9a3c123
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
49d18903871865b3f2603824b415e680d8c2e23e8241e2056bae3a2fa5ba54f6
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5071f1b82cf34198f13d9c727f4705d7a4daa61723adacfcd7123abcb4b3c4c7
5487ab3bbea8b1a7083491843003f88e2daa3483133e25fee18ff24ae4311bb4
551c5971b1418d08d6f5f73caa5a4c296eff26ceecdf07f420c752b2ab829de3
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
58c9693215e0691737fe1ce4a66b7ea4af7f4f06319dd981d0cedbe0c6a3b50e
58d54434f258ec7a5820fd441533f0db9bbfc89970e23b96843920394f336787
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b435afa91964ca7c52a4b3b0c9b63468d04778e8c7c5681567e05e7f0aeab23
5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f
5e9d55cd190ee2379564bf06d591119e2412086aa9f738c8090c84a508594d13
5ed121d956f0536756641c36f420ec55d6e703951b06eb5a78ce0b330996eda5
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
66a651f541513b86956655344cb36ac9fb42c523daeea6be091a981e38439e01
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6d4a5a8296ca52691fde29abc2b8cd81c06ce8717a4b703ef1221bcd01e1d8dc
71f4a6b13f5d5b9c56c3c3e769b5914c7e5738b295477d9c42caa75101a1ec06
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
77d4359597a7dcf6d876b021f31fc81b19597fac3c065e9320529b000083b728
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
7fa4aa0ac8c3337c88e8f7e01bf4abbd53807b22d7e406e0e40338905e67d605
8002dace9aa6d2f5a60968e10897ec4b45e698b2851a22320a6cb5f7df42c67c
82e4c1b69de1ad445881ee5cb7c5fab3be2b9861c20eec729c443e551c76b836
8316b30cd300b89eea8ae9ab09d4f562cc1ecd574847f0cc2d4f13a4d68a0a5a
836bca9eeddd2e697541a86fc3a6be0bf4b5286bb255c3dd65d9621df24fa342
849f8b047c822420e2f6a7b841a5184b681bab490caa0e7ce27e96efb09974dd
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b333699fb919b7eb3f0a7aff089a5b68b9389a47fc173ce5bd9ca84041d1e0e
9076d5f1843d144889b77fe21594702ce70dfac9ceb95483587c81801a664aee
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
99a6c448844dc06afda36e14e7752317ee1b13e56f6c3839bba95c7d1124d199
9a50689a2608fceacaa447c956579b283e56d95527b09155df9c2ca506fa3572
9b990b7f969605bbfca29b38f06b71f80305a4c44a4bd2e3d0fabb764852c396
9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6
a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a
a6ab3d025d76e18b3c5b3eaf86c8c64151f1ce4348244650c9a229d45316a9b3
b0496ff7b5e02ba5dcf004405c2b4eba9e66d7a89002346aa17ea3c1b4311806
b0759631728d5640f62a632e4d2c7146cebd454319bbcb92349a00de40f05911
b18b50f2774ea3179d757eaf5a5cbfa991673ebcb7a2d85d0eab8960df418580
b73f22b870756128cb27cef4b00630541a14073332e83617a55c270a15c71e2d
b9ce18d34da826f96811b05b2ba7c769b6ab3edc0d54565dded9c52aa01d38db
badc7352f5dfaaf481301f7e5ed8bb17c1928f55069c8f41421f42ce06de078f
bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a
be66bb200e9a4727466aec9a1af0874a7e91a1c07d879ce25e274907a15930cd
c6a8f3c9edc65b556a691bdd80a75b08a160f51c96d900691f958898d6bd4e1c
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cef5da85a5468d704266dece74dab8a9c8b5a20036b9374659ca6ebe24b84d3d
cf1fa9daf20e68cb1c041d5b036aaa458d5b7e54d92851bbbbfdee53110e26f3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02241458e544edb3707b0d924d46576700f49eb97a2f22fca7242af09d63497
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d38cc41aec5a64fe9a8032aef6970519b539a00d71399ed47aef25a3a6ddb258
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc141398f189fb6ff2d337775206f2ad1bc0934033da5d7673990845071ff96c
dc3322656b2a153176074fa238b9ec43840b3b786abed33d9543e0f5de88dcd4
dd1658348a0fc4888d59a27c0496d288aa749f5d151336ef80c2c1e4dc965ae5
dd78b50687d7029638db787a8084f0ff857b2841afeabb8ac878710809680a59
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
df9aa20a3dc2c29281028c2a8714d61048ac869232e9c25abc2736a0e944a998
dfd4264c626300c33e8afd46191c9da20d8e3ad5c3ac0408d4683dd361ca8b9b
dfe2fdbfa5dab704223f15fac0a4c9ee39e2fb20aeec806b910888f5d4248fb4
e04d6ad2aa9ad9eafa8d4715179e09ea5f3746ee31674fee64f779090edcca3d
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00
e629f1692b6fc26f42e7185b2a4dce27414757f21cfd9e4896cf7ad1e2ffa7d2
ea4b20ea635165cdbbecab9b7b486f13b81e9b21cb35d4537a6bbe75faea14e5
eac5b5f4af09b352a942f0c3e7535de7e5b42b63e9d7a2265a343c359013f50b
ec7fb38dc02cbe463429e410e7dc633ce5ab60c62c0315a39402594fbea4bf39
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f449235ef6ed94c26713bc72df6627a1c081a9aa4e1419caebd1ff272356e5f6
f5844d119b0d7d2d0f427bb92c5e16959b51f66509c63bf2f44a4795d7886537
f75944426217b7aa35bfc63c77376c3e6b9a9ea31dcd5ccf8a40995809aaba09
f897b3ffb9fe484b4ead8f4e51c11fcc0c0e18365a89d4638749ed56d438e787
f9a13f9f9a762b95d2c282735be209d0cd61fdf101ce8ce70a55d9a185cb3eae
fb8b0b368f77ad52f888b50575c415e1807efeae70f4ee1f38e5606319bc5b02
fc328eeaf800bfc497c691f3d92a67891dc61368e72111f0c1a02c7fe37d702b
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065
ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354
ff970c3708056e1a85cf2b085d4d73f9f75f67765e9543647ef91266e34d0e98

www.thedailybeast.com Open in urlscan Pro 2606:4700::6811:5631 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

99 %HTTPS

68 %IPv6

25 Domains

40 Subdomains

32 IPs

2 Countries

4099 kBTransfer

11398 kBSize

20 Cookies

39 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thedailybeast.com Open in urlscan Pro
2606:4700::6811:5631 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

40
Subdomains

32
IPs

2
Countries

4099 kB
Transfer

11398 kB
Size

20
Cookies

122 HTTP transactions
2 data transactions