urlscan.io logo urlscan.io
SecurityTrails logo

www.washingtontimes.com Open in urlscan Pro
107.22.109.163  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mlrc.informz.net/z/cjUucD9taT05ODk4MDQ2JnA9MSZ1PTEwMTA4NTgxNzImbGk9ODQ3NTMyMjk/index.html
Effective URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Submission: On March 07 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 155 IPs in 11 countries across 126 domains to perform 845 HTTP transactions. The main IP is 107.22.109.163, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.washingtontimes.com.
TLS certificate: Issued by Amazon on November 14th 2020. Valid for: a year.
This is the only time www.washingtontimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.197.238.250 14618 (AMAZON-AES)
1 107.22.109.163 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
48 104.21.83.209 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20d... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
6 11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.200.45.184 14618 (AMAZON-AES)
1 2.16.186.49 20940 (AKAMAI-ASN1)
11 2.18.234.190 16625 (AKAMAI-AS)
1 151.101.14.217 54113 (FASTLY)
3 65.9.24.128 16509 (AMAZON-02)
2 12 151.101.194.137 54113 (FASTLY)
5 2a03:2880:f00... 32934 (FACEBOOK)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 3 204.16.246.215 20326 (TERASWITCH)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.219.116.113 16509 (AMAZON-02)
17 142.250.186.66 15169 (GOOGLE)
14 151.139.128.11 20446 (HIGHWINDS3)
1 184.73.100.94 14618 (AMAZON-AES)
1 3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 199.232.136.157 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2.18.234.163 16625 (AKAMAI-AS)
10 2620:1ec:bdf::19 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 8 104.111.238.139 16625 (AKAMAI-AS)
7 2.16.186.114 20940 (AKAMAI-ASN1)
1 18.214.150.11 14618 (AMAZON-AES)
3 2.16.186.88 20940 (AKAMAI-ASN1)
4 70.42.32.95 22075 (AS-OUTBRAIN)
3 151.101.14.132 54113 (FASTLY)
7 52.213.66.185 16509 (AMAZON-02)
9 18.188.204.105 16509 (AMAZON-02)
6 8 185.33.221.88 29990 (ASN-APPNEX)
2 2600:9000:20d... 16509 (AMAZON-02)
1 3 34.98.64.218 15169 (GOOGLE)
1 72.251.249.9 29791 (VOXEL-DOT...)
13 69.173.144.140 26667 (RUBICONPR...)
12 35.157.246.167 16509 (AMAZON-02)
3 15 2.18.234.21 16625 (AKAMAI-AS)
1 104.244.42.69 13414 (TWITTER)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 146.88.138.51 33438 (HIGHWINDS2)
4 35.190.64.11 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.147.47.240 14618 (AMAZON-AES)
4 2.16.186.64 20940 (AKAMAI-ASN1)
1 104.244.42.195 13414 (TWITTER)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
5 54.183.247.206 16509 (AMAZON-02)
1 2600:9000:20d... 16509 (AMAZON-02)
1 2 2620:119:50e3... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.88.95.40 14618 (AMAZON-AES)
4 104.75.88.209 16625 (AKAMAI-AS)
25 205.185.216.42 20446 (HIGHWINDS3)
2 2 204.16.246.216 20326 (TERASWITCH)
3 2a04:4e42:3::621 54113 (FASTLY)
1 104.16.90.50 13335 (CLOUDFLAR...)
4 2.18.232.28 16625 (AKAMAI-AS)
7 2a03:2880:f10... 32934 (FACEBOOK)
1 20.40.202.0 8075 (MICROSOFT...)
3 104.111.239.153 16625 (AKAMAI-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 3 142.250.186.134 15169 (GOOGLE)
1 213.254.244.19 3257 (GTT-BACKB...)
75 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 5 54.221.51.83 14618 (AMAZON-AES)
1 2600:9000:211... 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 116.202.80.165 24940 (HETZNER-AS)
1 65.9.187.73 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.111.243.142 16625 (AKAMAI-AS)
11 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:20d... 16509 (AMAZON-02)
1 8 37.157.6.253 198622 (ADFORM)
2 69.173.144.153 26667 (RUBICONPR...)
1 52.206.223.61 14618 (AMAZON-AES)
12 2a00:1450:400... 15169 (GOOGLE)
4 4 185.29.132.144 30419 (MEDIAMATH...)
6 9 34.249.70.28 16509 (AMAZON-02)
1 2600:1f18:444... 14618 (AMAZON-AES)
2 2 34.242.5.110 16509 (AMAZON-02)
1 2 104.108.41.56 16625 (AKAMAI-AS)
5 5 52.58.182.33 16509 (AMAZON-02)
1 2 199.232.137.44 54113 (FASTLY)
4 37.157.5.73 198622 (ADFORM)
1 52.22.115.237 14618 (AMAZON-AES)
1 54.80.72.72 14618 (AMAZON-AES)
4 2600:9000:20d... 16509 (AMAZON-02)
5 213.174.135.1 39572 (ADVANCEDH...)
5 2.18.233.180 16625 (AKAMAI-AS)
3 3 66.155.71.150 13768 (COGECO-PEER1)
6 62.149.0.72 15497 (COLOCALL ...)
14 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 5 185.94.180.126 35220 (SPOTX-AMS)
3 4 52.59.102.119 16509 (AMAZON-02)
5 5 3.126.56.137 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
30 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 23.79.143.124 16625 (AKAMAI-AS)
10 104.108.50.124 16625 (AKAMAI-AS)
5 18.235.157.195 14618 (AMAZON-AES)
5 69.173.144.139 26667 (RUBICONPR...)
1 1 88.214.206.142 46636 (NATCOWEB)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
17 3.223.102.221 14618 (AMAZON-AES)
5 23.227.137.155 55081 (24SHELLS)
1 213.174.135.2 39572 (ADVANCEDH...)
7 8 142.250.186.130 15169 (GOOGLE)
1 2 52.94.232.32 16509 (AMAZON-02)
1 1 185.183.112.148 60350 (VP)
1 2 159.253.128.183 36351 (SOFTLAYER)
1 4 2a00:1288:110... 34010 (YAHOO-IRD)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 3.219.93.236 14618 (AMAZON-AES)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.183 1299 (TELIANET ...)
1 21 185.64.190.80 62713 (AS-PUBMATIC)
2 52.214.70.9 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 94.23.144.220 16276 (OVH)
3 3 213.19.147.150 3356 (LEVEL3)
1 173.231.181.122 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 151.101.13.44 54113 (FASTLY)
4 4 3.127.92.82 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.106 62713 (AS-PUBMATIC)
1 185.64.190.81 62713 (AS-PUBMATIC)
2 2 2001:678:cb4:... 56396 (TURN)
1 1 146.0.227.110 20773 (GODADDY)
4 4 151.101.114.49 54113 (FASTLY)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 18.200.32.70 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 6 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
4 2a0c:5c81:514... 55081 (24SHELLS)
1 3 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
2 178.250.2.131 44788 (ASN-CRITE...)
1 184.31.84.150 20940 (AKAMAI-ASN1)
2 51.89.9.253 16276 (OVH)
4 54.234.118.98 14618 (AMAZON-AES)
1 2600:1f18:612... 14618 (AMAZON-AES)
36 185.94.180.123 35220 (SPOTX-AMS)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 52.200.170.47 14618 (AMAZON-AES)
1 52.44.186.244 14618 (AMAZON-AES)
1 1 54.221.215.226 14618 (AMAZON-AES)
1 1 34.194.148.31 14618 (AMAZON-AES)
1 51.89.42.86 16276 (OVH)
11 52.206.149.154 14618 (AMAZON-AES)
40 185.64.190.75 62713 (AS-PUBMATIC)
845 155
1    34.197.238.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mlrc.informz.net
1    107.22.109.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-109-163.compute-1.amazonaws.com
www.washingtontimes.com
1    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
48    104.21.83.209 (United States)

ASN13335 (CLOUDFLARENET, US)
twt-assets.washtimes.com
twt-thumbs.washtimes.com
media.washtimes.com
9    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:20d7:2c00:c:d51b:4400:21 (United States)

ASN16509 (AMAZON-02, US)
dsms0mj1bbhn4.cloudfront.net
8    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
maxcdn.bootstrapcdn.com
11    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.200.45.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-45-184.compute-1.amazonaws.com
static.newsmaxfeednetwork.com
s.newsmaxfeednetwork.com
1    2.16.186.49 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-49.deploy.static.akamaitechnologies.com
launcher.spot.im
11    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
scripts.webcontentassessor.com
3    65.9.24.128 (Orlando, United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
12    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
vid.connatix.com
img.connatix.com
5    2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:e6::ac40:cf18 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
15    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    204.16.246.215 (United States)

ASN20326 (TERASWITCH, US)
html5-player.libsyn.com
2    2606:4700::6812:1337 (United States)

ASN13335 (CLOUDFLARENET, US)
api.innerskinresearch.com
innerskinresearch.com
1    52.219.116.113 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com
touchcr-web-assets.s3-us-west-1.amazonaws.com
17    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
14    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
m9m6e2w5.stackpathcdn.com
assets.newsmaxwidget.com
images.newsmaxwidget.com
1    184.73.100.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-100-94.compute-1.amazonaws.com
www.shareaholic.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
2    2a02:26f0:6c00:2a2::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
2    2a02:26f0:6c00::210:baf1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
b-code.liadm.com
1    2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io
10    2620:1ec:bdf::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    104.111.238.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
7    2.16.186.114 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-114.deploy.static.akamaitechnologies.com
api-2-0.spot.im
1    18.214.150.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-150-11.compute-1.amazonaws.com
direct-events-collector.spot.im
3    2.16.186.88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-88.deploy.static.akamaitechnologies.com
publisher-assets.spot.im
4    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
3    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
7    52.213.66.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
trends.newsmaxwidget.com
9    18.188.204.105 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-188-204-105.us-east-2.compute.amazonaws.com
capi.connatix.com
8    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    2600:9000:20d7:f600:1f:df94:f9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
hb.undertone.com
ads.undertone.com
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
washingtontimes-d.openx.net
us-u.openx.net
spot-im-d.openx.net
1    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
13    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
c2shb.ssp.yahoo.com
15    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
3    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    146.88.138.51 (United States)

ASN33438 (HIGHWINDS2, US)
cdn.feedbackify.com
4    35.190.64.11 (Kansas City, United States)

ASN15169 (GOOGLE, US)
absorbingband.com
4    2606:4700::6810:4fa5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
10    2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
id.tinypass.com
buy.tinypass.com
1    54.147.47.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
analytics.shareaholic.com
4    2.16.186.64 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-64.deploy.static.akamaitechnologies.com
events-collector.spot.im
pix.spot.im
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    54.183.247.206 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-247-206.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    2600:9000:20d7:7400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2620:119:50e3:101::6cae:b45 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    2600:1f18:730:b140:28d8:9783:2a08:4b54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    3.88.95.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp4.liadm.com
4    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
25    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
static.libsyn.com
ssl-static.libsyn.com
2    204.16.246.216 (United States)

ASN20326 (TERASWITCH, US)
assets.libsyn.com
3    2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.16.90.50 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.embed.ly
4    2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com
images.outbrainimg.com
7    2a03:2880:f106:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net
3    104.111.239.153 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-153.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
2    2a02:26f0:6c00:2bd::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
3    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
1    213.254.244.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
75    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
18    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
6    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
c631c1ccfb98181a9ab71575e3c6525a.safeframe.googlesyndication.com
5    54.221.51.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-51-83.compute-1.amazonaws.com
i.liadm.com
1    2600:9000:211e:9400:19:f03c:7200:21 (United States)

ASN16509 (AMAZON-02, US)
d1bvk193qme2fc.cloudfront.net
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
i.clean.gg
2    2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
scdn.cxense.com
2    116.202.80.165 (Germany)

ASN24940 (HETZNER-AS, DE)
sp1cluster.cxense.com
scomcluster.cxense.com
1    65.9.187.73 (United States)

ASN16509 (AMAZON-02, US)
cdn.boomtrain.com
3    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
i.piano.io
1    104.111.243.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
www.aaxdetect.com
11    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2600:9000:20d7:1200:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
8    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
c1.adform.net
2    69.173.144.153 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2-v4.rubiconproject.com
1    52.206.223.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
people.api.boomtrain.com
12    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
9    34.249.70.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    2600:1f18:444a:4680:1ed9:60e9:aafd:7d9f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    34.242.5.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
2    104.108.41.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
5    52.58.182.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
4    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    52.22.115.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
onsite.boomtrain.net
1    54.80.72.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-72-72.compute-1.amazonaws.com
events.api.boomtrain.com
4    2600:9000:20d7:1600:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
5    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
p.appixcdn.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
6    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
sync.spotim.market
14    2a02:26f0:6c00::210:ba18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static-cdn.spot.im
5    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    52.59.102.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
di.rlcdn.com
id.rlcdn.com
30    2606:4700::6812:a21 (United States)

ASN13335 (CLOUDFLARENET, US)
cloud.cavai.com
3    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    18.235.157.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usr.undertone.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    2a02:26f0:6c00:286::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
17    3.223.102.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
5    23.227.137.155 (Piscataway, United States)

ASN55081 (24SHELLS, US)
hb.spotim.market
1    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
8    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
4    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    3.219.93.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.183 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
21    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    52.214.70.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    94.23.144.220 (Netherlands)

ASN16276 (OVH, FR)
PTR: ip220.ip-94-23-144.eu
green.erne.co
3    213.19.147.150 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
4    3.127.92.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    18.200.32.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
6    2606:4700::6812:b21 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics-1.cavai.com
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
3    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
4    54.234.118.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.aniview.com
1    2600:1f18:612b:4232:c38c:36a3:7af7:45e3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p4dt2-x71s7.ads.tremorhub.com
36    185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.dk
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    52.200.170.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
gw.geoedge.be
1    52.44.186.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
match.deepintent.com
1    54.221.215.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
1    34.194.148.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-148-31.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    51.89.42.86 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p26.id5-sync.com
id5-sync.com
11    52.206.149.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
s2s.aniview.com
40    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
Apex Domain
Subdomains		 Transfer
96 googlesyndication.com
tpc.googlesyndication.com
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
pagead2.googlesyndication.com
c631c1ccfb98181a9ab71575e3c6525a.safeframe.googlesyndication.com
570 KB
71 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
hbopenbid.pubmatic.com Failed
vid.pubmatic.com Failed
simage4.pubmatic.com
94 KB
48 washtimes.com
twt-assets.washtimes.com
twt-thumbs.washtimes.com
media.washtimes.com
452 KB
41 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
55 KB
39 rubiconproject.com
fastlane.rubiconproject.com
beacon-fra2-v4.rubiconproject.com
eus.rubiconproject.com Failed
secure-assets.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
81 KB
39 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
318 KB
36 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
s2s.aniview.com Failed
195 KB
36 cavai.com
cloud.cavai.com
analytics-1.cavai.com
1 MB
30 libsyn.com
html5-player.libsyn.com
static.libsyn.com
assets.libsyn.com
ssl-static.libsyn.com
151 KB
30 spot.im
launcher.spot.im
api-2-0.spot.im
direct-events-collector.spot.im
publisher-assets.spot.im
events-collector.spot.im
static-cdn.spot.im
pix.spot.im
310 KB
22 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
13 KB
21 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
582 KB
18 newsmaxwidget.com
assets.newsmaxwidget.com
trends.newsmaxwidget.com
images.newsmaxwidget.com
430 KB
17 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
odb.outbrain.com
mcdp-nydc1.outbrain.com
94 KB
16 casalemedia.com
as-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
htlb.casalemedia.com
19 KB
16 gstatic.com
www.gstatic.com
fonts.gstatic.com
251 KB
14 spotim.market
player.spotim.market
sync.spotim.market
hb.spotim.market
138 KB
14 google.com
www.google.com
adservice.google.com
2 KB
12 adform.net
track.adform.net
s1.adform.net
c1.adform.net
74 KB
12 clarity.ms
www.clarity.ms
c.clarity.ms
22 KB
11 ampproject.org
cdn.ampproject.org
214 KB
10 tinypass.com
experience.tinypass.com
cdn.tinypass.com
id.tinypass.com
buy.tinypass.com
278 KB
10 liadm.com
b-code.liadm.com
rp.liadm.com
rp4.liadm.com
i.liadm.com
i6.liadm.com
17 KB
9 adsrvr.org
match.adsrvr.org
4 KB
9 undertone.com
hb.undertone.com
cdn.undertone.com
ads.undertone.com
usr.undertone.com
7 KB
9 googletagservices.com
www.googletagservices.com
276 KB
8 criteo.com
dis.criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
2 KB
8 adnxs.com
ib.adnxs.com
secure.adnxs.com
7 KB
8 scorecardresearch.com
sb.scorecardresearch.com
6 KB
8 googleapis.com
fonts.googleapis.com
6 KB
7 facebook.com
www.facebook.com
958 B
6 cxense.com
cdn.cxense.com
scdn.cxense.com
sp1cluster.cxense.com
scomcluster.cxense.com
61 KB
5 adtelligent.com
player.adtelligent.com
ghb.adtelligent.com
3 KB
5 geoedge.be
rumcdn.geoedge.be
gw.geoedge.be
152 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 postrelease.com
jadserve.postrelease.com
3 KB
5 outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com
142 KB
5 facebook.net
connect.facebook.net
226 KB
5 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
36 KB
5 bootstrapcdn.com
netdna.bootstrapcdn.com
maxcdn.bootstrapcdn.com
88 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 w55c.net
pm.w55c.net
3 KB
4 advertising.com
pixel.advertising.com
1022 B
4 mathtag.com
sync.mathtag.com
2 KB
4 pinterest.com
ct.pinterest.com
2 KB
4 lightboxcdn.com
www.lightboxcdn.com
129 KB
4 absorbingband.com
absorbingband.com
36 KB
3 sitescout.com
pixel-sync.sitescout.com
953 B
3 taboola.com
trc.taboola.com
match.taboola.com
804 B
3 piano.io
i.piano.io
7 KB
3 boomtrain.com
cdn.boomtrain.com
people.api.boomtrain.com
events.api.boomtrain.com
23 KB
3 aaxads.com
c.aaxads.com
l3.aaxads.com
95 KB
3 jsdelivr.net
cdn.jsdelivr.net
46 KB
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
3 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
3 openx.net
washingtontimes-d.openx.net
us-u.openx.net
spot-im-d.openx.net
1 KB
3 bing.com
bat.bing.com
c.bing.com
9 KB
3 stackpathcdn.com
m9m6e2w5.stackpathcdn.com
100 KB
2 criteo.net
static.criteo.net
51 KB
2 onetag-sys.com
onetag-sys.com
1 KB
2 turn.com
ad.turn.com
943 B
2 fiftyt.com
visitor.fiftyt.com
992 B
2 semasio.net
uipglob.semasio.net
1 KB
2 tapad.com
pixel.tapad.com
616 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 bidr.io
match.prod.bidr.io
860 B
2 de17a.com
d5p.de17a.com
637 B
2 simpli.fi
um.simpli.fi
1 KB
2 appixcdn.com
p.appixcdn.com
14 KB
2 rlcdn.com
di.rlcdn.com
id.rlcdn.com
api.rlcdn.com Failed
108 B
2 addthis.com
x.dlx.addthis.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 clean.gg
i.clean.gg
104 B
2 google.de
adservice.google.de
2 KB
2 feedbackify.com
cdn.feedbackify.com
7 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 pinimg.com
s.pinimg.com
18 KB
2 innerskinresearch.com
api.innerskinresearch.com
innerskinresearch.com
405 B
2 newsmaxfeednetwork.com
static.newsmaxfeednetwork.com
s.newsmaxfeednetwork.com
75 KB
2 cloudfront.net
dsms0mj1bbhn4.cloudfront.net
d1bvk193qme2fc.cloudfront.net
41 KB
1 id5-sync.com
id5-sync.com
935 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
381 B
1 extend.tv
sync.extend.tv
546 B
1 deepintent.com
match.deepintent.com
124 B
1 google.dk
adservice.google.dk
799 B
1 tremorhub.com
p4dt2-x71s7.ads.tremorhub.com
472 B
1 gumgum.com
rtb.gumgum.com
g2.gumgum.com Failed
337 B
1 playground.xyz
ads.playground.xyz
490 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 zeotap.com
mwzeom.zeotap.com
596 B
1 contextweb.com
bh.contextweb.com
461 B
1 adgrx.com
cm.adgrx.com
408 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
650 B
1 erne.co
green.erne.co
325 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 adotmob.com
sync.adotmob.com
689 B
1 admanmedia.com
cs.admanmedia.com
413 B
1 googleadservices.com
partner.googleadservices.com
406 B
1 boomtrain.net
onsite.boomtrain.net
730 B
1 admixer.net
inv-nets.admixer.net Failed
559 B
1 aaxdetect.com
www.aaxdetect.com
323 B
1 doubleverify.com
tps.doubleverify.com
416 B
1 azurewebsites.net
lightboxapi.azurewebsites.net
787 B
1 embed.ly
cdn.embed.ly
4 KB
1 quantcount.com
rules.quantcount.com
quantcount.com Failed
1 KB
1 twitter.com
analytics.twitter.com
651 B
1 shareaholic.com
analytics.shareaholic.com
386 B
1 licdn.com
snap.licdn.com
2 KB
1 t.co
t.co
448 B
1 lijit.com
ap.lijit.com
769 B
1 ntv.io
s.ntv.io
102 KB
1 onesignal.com
cdn.onesignal.com
3 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 shareaholic.net
www.shareaholic.net
2 KB
1 amazonaws.com
touchcr-web-assets.s3-us-west-1.amazonaws.com
3 KB
1 npttech.com
www.npttech.com
3 KB
1 webcontentassessor.com
scripts.webcontentassessor.com
31 KB
1 googletagmanager.com
www.googletagmanager.com
47 KB
1 jquery.com
code.jquery.com
30 KB
1 washingtontimes.com
www.washingtontimes.com
33 KB
1 informz.net
mlrc.informz.net
864 B
0 360yield.com Failed
ice.360yield.com Failed
0 creativecdn.com Failed
prebid-us.creativecdn.com Failed
prebid-eu.creativecdn.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
845 126
Domain Requested by
75 tpc.googlesyndication.com absorbingband.com
securepubads.g.doubleclick.net
www.washingtontimes.com
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
tpc.googlesyndication.com
d1bvk193qme2fc.cloudfront.net
40 vid.pubmatic.com player.aniview.com
36 search.spotxchange.com player.aniview.com
30 cloud.cavai.com scripts.webcontentassessor.com
cloud.cavai.com
www.washingtontimes.com
29 twt-thumbs.washtimes.com www.washingtontimes.com
23 static.libsyn.com html5-player.libsyn.com
static.libsyn.com
17 track1.aniview.com www.washingtontimes.com
player.aniview.com
17 twt-assets.washtimes.com www.washingtontimes.com
twt-assets.washtimes.com
16 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.washingtontimes.com
scripts.webcontentassessor.com
15 pagead2.googlesyndication.com d1bvk193qme2fc.cloudfront.net
www.washingtontimes.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
15 fonts.gstatic.com fonts.googleapis.com
14 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
14 static-cdn.spot.im d1bvk193qme2fc.cloudfront.net
13 fastlane.rubiconproject.com twt-assets.washtimes.com
player.spotim.market
12 c2shb.ssp.yahoo.com twt-assets.washtimes.com
11 s2s.aniview.com player.aniview.com
11 googleads.g.doubleclick.net www.washingtontimes.com
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
11 cdn.ampproject.org scripts.webcontentassessor.com
d1bvk193qme2fc.cloudfront.net
11 www.google.com 6 redirects www.washingtontimes.com
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
10 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
10 eus.rubiconproject.com www.washingtontimes.com
cdn.undertone.com
eus.rubiconproject.com
d1bvk193qme2fc.cloudfront.net
10 images.newsmaxwidget.com www.washingtontimes.com
10 www.clarity.ms www.washingtontimes.com
www.clarity.ms
10 widgets.outbrain.com www.washingtontimes.com
widgets.outbrain.com
9 match.adsrvr.org 6 redirects ssum.casalemedia.com
www.washingtontimes.com
player.spotim.market
9 capi.connatix.com cd.connatix.com
9 www.googletagservices.com www.washingtontimes.com
scripts.webcontentassessor.com
d1bvk193qme2fc.cloudfront.net
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
8 cm.g.doubleclick.net 7 redirects www.washingtontimes.com
8 sb.scorecardresearch.com 2 redirects www.washingtontimes.com
s.newsmaxfeednetwork.com
widgets.outbrain.com
d1bvk193qme2fc.cloudfront.net
8 fonts.googleapis.com www.washingtontimes.com
html5-player.libsyn.com
buy.tinypass.com
tpc.googlesyndication.com
static-cdn.spot.im
d1bvk193qme2fc.cloudfront.net
7 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
7 track.adform.net scripts.webcontentassessor.com
s1.adform.net
7 www.facebook.com www.washingtontimes.com
connect.facebook.net
7 trends.newsmaxwidget.com www.washingtontimes.com
assets.newsmaxwidget.com
d1bvk193qme2fc.cloudfront.net
7 api-2-0.spot.im launcher.spot.im
d1bvk193qme2fc.cloudfront.net
static-cdn.spot.im
6 token.rubiconproject.com 3 redirects www.washingtontimes.com
eus.rubiconproject.com
6 analytics-1.cavai.com cloud.cavai.com
6 sync.spotim.market d1bvk193qme2fc.cloudfront.net
www.washingtontimes.com
ssum.casalemedia.com
ads.pubmatic.com
6 buy.tinypass.com d1bvk193qme2fc.cloudfront.net
buy.tinypass.com
6 img.connatix.com www.washingtontimes.com
5 hb.spotim.market player.spotim.market
5 pixel.rubiconproject.com cdn.undertone.com
www.washingtontimes.com
5 usr.undertone.com cdn.undertone.com
5 ups.analytics.yahoo.com 5 redirects
5 sync.search.spotxchange.com 4 redirects www.washingtontimes.com
5 ads.pubmatic.com d1bvk193qme2fc.cloudfront.net
ads.pubmatic.com
www.washingtontimes.com
5 x.bidswitch.net 5 redirects
5 i.liadm.com 1 redirects b-code.liadm.com
i.liadm.com
5 ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com securepubads.g.doubleclick.net
d1bvk193qme2fc.cloudfront.net
5 jadserve.postrelease.com s.ntv.io
www.washingtontimes.com
5 ib.adnxs.com 4 redirects twt-assets.washtimes.com
player.spotim.market
p.appixcdn.com
5 connect.facebook.net www.washingtontimes.com
connect.facebook.net
4 sync.aniview.com www.washingtontimes.com
ssum.casalemedia.com
4 ghb.adtelligent.com p.appixcdn.com
player.spotim.market
4 sync-tm.everesttech.net 4 redirects
4 pm.w55c.net 4 redirects
4 pr-bh.ybp.yahoo.com 1 redirects ssum.casalemedia.com
ads.pubmatic.com
4 pixel.advertising.com 3 redirects www.washingtontimes.com
4 rumcdn.geoedge.be d1bvk193qme2fc.cloudfront.net
www.washingtontimes.com
4 s1.adform.net scripts.webcontentassessor.com
4 sync.mathtag.com 4 redirects
4 images.outbrainimg.com www.washingtontimes.com
4 ct.pinterest.com s.pinimg.com
www.washingtontimes.com
4 www.lightboxcdn.com www.washingtontimes.com
www.lightboxcdn.com
4 absorbingband.com www.washingtontimes.com
d1bvk193qme2fc.cloudfront.net
3 pix.spot.im launcher.spot.im
3 gum.criteo.com 1 redirects d1bvk193qme2fc.cloudfront.net
3 secure.adnxs.com 2 redirects ssum.casalemedia.com
3 player.aniview.com d1bvk193qme2fc.cloudfront.net
www.washingtontimes.com
3 secure-assets.rubiconproject.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 ssum.casalemedia.com 1 redirects d1bvk193qme2fc.cloudfront.net
www.washingtontimes.com
3 player.spotim.market www.washingtontimes.com
player.spotim.market
3 i.piano.io buy.tinypass.com
3 adservice.google.com securepubads.g.doubleclick.net
www.washingtontimes.com
3 ad.doubleclick.net 1 redirects absorbingband.com
widgets.outbrain.com
3 cdn.jsdelivr.net html5-player.libsyn.com
scripts.webcontentassessor.com
3 maxcdn.bootstrapcdn.com html5-player.libsyn.com
3 mcdp-nydc1.outbrain.com widgets.outbrain.com
3 odb.outbrain.com widgets.outbrain.com
3 publisher-assets.spot.im launcher.spot.im
www.washingtontimes.com
3 m9m6e2w5.stackpathcdn.com dsms0mj1bbhn4.cloudfront.net
www.washingtontimes.com
3 html5-player.libsyn.com 1 redirects www.washingtontimes.com
cdn.jsdelivr.net
3 cds.connatix.com www.washingtontimes.com
cd.connatix.com
3 c.amazon-adsystem.com www.washingtontimes.com
c.amazon-adsystem.com
2 static.criteo.net www.washingtontimes.com
static.criteo.net
2 onetag-sys.com p.appixcdn.com
2 bidder.criteo.com player.spotim.market
p.appixcdn.com
2 mug.criteo.com www.washingtontimes.com
2 ad.turn.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pixel.tapad.com 1 redirects image6.pubmatic.com
2 sync.1rx.io 2 redirects
2 match.prod.bidr.io image6.pubmatic.com
ssum.casalemedia.com
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 p.appixcdn.com www.washingtontimes.com
p.appixcdn.com
2 trc.taboola.com 1 redirects i.liadm.com
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 dpm.demdex.net 2 redirects
2 beacon-fra2-v4.rubiconproject.com www.washingtontimes.com
2 cdn.undertone.com scripts.webcontentassessor.com
d1bvk193qme2fc.cloudfront.net
2 scdn.cxense.com d1bvk193qme2fc.cloudfront.net
scdn.cxense.com
2 i.clean.gg d1bvk193qme2fc.cloudfront.net
2 adservice.google.de securepubads.g.doubleclick.net
www.washingtontimes.com
2 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
2 c.aaxads.com absorbingband.com
www.washingtontimes.com
2 pixel.quantserve.com 1 redirects www.washingtontimes.com
2 ssl-static.libsyn.com html5-player.libsyn.com
2 assets.libsyn.com 2 redirects
2 px.ads.linkedin.com 1 redirects www.washingtontimes.com
2 c.clarity.ms 1 redirects www.washingtontimes.com
2 experience.tinypass.com www.washingtontimes.com
cdn.tinypass.com
2 cdn.feedbackify.com www.washingtontimes.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 b-code.liadm.com www.googletagmanager.com
b-code.liadm.com
2 s.pinimg.com www.washingtontimes.com
s.pinimg.com
2 bat.bing.com www.googletagmanager.com
www.washingtontimes.com
2 cd.connatix.com 2 redirects
2 media.washtimes.com www.washingtontimes.com
2 netdna.bootstrapcdn.com www.washingtontimes.com
netdna.bootstrapcdn.com
1 id5-sync.com player.spotim.market
1 beacon.lynx.cognitivlabs.com 1 redirects
1 sync.extend.tv 1 redirects
1 match.deepintent.com ssum.casalemedia.com
1 gw.geoedge.be rumcdn.geoedge.be
1 c631c1ccfb98181a9ab71575e3c6525a.safeframe.googlesyndication.com www.washingtontimes.com
1 adservice.google.dk www.washingtontimes.com
1 simage4.pubmatic.com ads.pubmatic.com
1 p4dt2-x71s7.ads.tremorhub.com player.aniview.com
1 htlb.casalemedia.com player.spotim.market
1 spot-im-d.openx.net player.spotim.market
1 ads.yahoo.com www.washingtontimes.com
1 id.rlcdn.com www.washingtontimes.com
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 c1.adform.net 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com image6.pubmatic.com
1 go1.aniview.com player.aniview.com
1 sync.adotmob.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 player.adtelligent.com player.spotim.market
1 cs.admanmedia.com 1 redirects
1 us-u.openx.net 1 redirects
1 di.rlcdn.com www.washingtontimes.com
1 partner.googleadservices.com www.washingtontimes.com
1 events.api.boomtrain.com cdn.boomtrain.com
1 onsite.boomtrain.net cdn.boomtrain.com
1 ads.undertone.com scripts.webcontentassessor.com
1 inv-nets.admixer.net i.liadm.com
1 i6.liadm.com i.liadm.com
1 l3.aaxads.com www.washingtontimes.com
1 people.api.boomtrain.com cdn.boomtrain.com
1 scomcluster.cxense.com scdn.cxense.com
1 www.aaxdetect.com www.washingtontimes.com
1 cdn.boomtrain.com d1bvk193qme2fc.cloudfront.net
1 sp1cluster.cxense.com scdn.cxense.com
1 d1bvk193qme2fc.cloudfront.net assets.newsmaxwidget.com
1 tps.doubleverify.com widgets.outbrain.com
1 id.tinypass.com cdn.tinypass.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 vid.connatix.com cd.connatix.com
1 cdn.embed.ly html5-player.libsyn.com
1 cdn.tinypass.com experience.tinypass.com
1 rp4.liadm.com www.washingtontimes.com
1 rp.liadm.com 1 redirects
1 www.linkedin.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 stats.g.doubleclick.net www.google-analytics.com
1 c.bing.com 1 redirects
1 analytics.twitter.com static.ads-twitter.com
1 events-collector.spot.im launcher.spot.im
1 analytics.shareaholic.com m9m6e2w5.stackpathcdn.com
1 snap.licdn.com www.washingtontimes.com
1 secure.quantserve.com www.washingtontimes.com
1 t.co www.washingtontimes.com
1 as-sec.casalemedia.com twt-assets.washtimes.com
1 ap.lijit.com twt-assets.washtimes.com
player.spotim.market
1 washingtontimes-d.openx.net twt-assets.washtimes.com
1 hb.undertone.com twt-assets.washtimes.com
1 assets.newsmaxwidget.com static.newsmaxfeednetwork.com
1 log.outbrainimg.com widgets.outbrain.com
1 widget-pixels.outbrain.com www.washingtontimes.com
1 direct-events-collector.spot.im launcher.spot.im
1 s.ntv.io www.googletagmanager.com
1 cdn.onesignal.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.shareaholic.net dsms0mj1bbhn4.cloudfront.net
1 touchcr-web-assets.s3-us-west-1.amazonaws.com www.washingtontimes.com
1 innerskinresearch.com www.washingtontimes.com
1 api.innerskinresearch.com 1 redirects
1 www.npttech.com www.washingtontimes.com
1 scripts.webcontentassessor.com www.washingtontimes.com
1 s.newsmaxfeednetwork.com www.washingtontimes.com
1 launcher.spot.im www.washingtontimes.com
1 static.newsmaxfeednetwork.com www.washingtontimes.com
1 www.googletagmanager.com www.washingtontimes.com
1 www.gstatic.com www.washingtontimes.com
1 dsms0mj1bbhn4.cloudfront.net www.washingtontimes.com
1 code.jquery.com www.washingtontimes.com
1 www.washingtontimes.com
1 mlrc.informz.net 1 redirects
0 api.rlcdn.com Failed player.spotim.market
0 prebid-eu.creativecdn.com Failed p.appixcdn.com
0 ice.360yield.com Failed p.appixcdn.com
0 prebid-us.creativecdn.com Failed player.spotim.market
0 hbopenbid.pubmatic.com Failed player.spotim.market
0 hb-api.omnitagjs.com Failed player.spotim.market
0 g2.gumgum.com Failed player.spotim.market
0 quantcount.com Failed secure.quantserve.com
845 226
Subject Issuer Validity Valid
washingtontimes.com
Amazon		 2020-11-14 -
2021-12-13		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-16 -
2021-08-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
newsmaxfeednetwork.com
Amazon		 2020-09-23 -
2021-10-23		 a year crt.sh
*.spot.im
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-26 -
2021-11-30		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-01-27 -
2022-02-28		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2020-09-29 -
2021-10-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.libsyn.com
Sectigo ECC Organization Validation Secure Server CA		 2020-06-11 -
2022-06-09		 2 years crt.sh
*.s3-us-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-07-30 -
2021-08-04		 a year crt.sh
*.stackpathcdn.com
Go Daddy Secure Certificate Authority - G2		 2019-06-27 -
2021-06-27		 2 years crt.sh
*.shareaholic.net
R3		 2021-02-15 -
2021-05-16		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
b-code.liadm.com
DigiCert Secure Site ECC CA-1		 2020-06-23 -
2021-09-22		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
www.clarity.ms
DigiCert SHA2 Secure Server CA		 2020-09-03 -
2021-09-03		 a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
assets.newsmaxwidget.com
R3		 2021-01-09 -
2021-04-09		 3 months crt.sh
newsmaxwidget.com
Amazon		 2020-09-21 -
2021-10-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-03 -
2022-02-19		 a year crt.sh
*.undertone.com
Amazon		 2020-11-03 -
2021-12-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-11 -
2021-08-03		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.feedbackify.com
RapidSSL RSA CA 2018		 2020-06-05 -
2021-09-04		 a year crt.sh
absorbingband.com
R3		 2021-02-16 -
2021-05-17		 3 months crt.sh
ssl516460.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-10-27 -
2021-05-05		 6 months crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2020-09-17 -
2021-09-17		 a year crt.sh
shareaholic.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
c.msn.com
Microsoft RSA TLS CA 02		 2021-02-03 -
2022-02-03		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-01-06 -
2021-07-05		 6 months crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
*.embed.ly
Sectigo RSA Domain Validation Secure Server CA		 2021-02-15 -
2022-02-22		 a year crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01		 2020-09-28 -
2021-09-28		 a year crt.sh
*.aaxads.com
DigiCert Secure Site ECC CA-1		 2020-02-11 -
2021-05-12		 a year crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA		 2020-03-11 -
2021-06-10		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.doubleverify.com
Network Solutions OV Server CA 2		 2019-11-05 -
2021-12-13		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
i.clean.gg
GTS CA 1D2		 2021-02-18 -
2021-05-19		 3 months crt.sh
images.crserving.com
R3		 2021-01-17 -
2021-04-17		 3 months crt.sh
cdn.boomtrain.com
Amazon		 2020-04-14 -
2021-05-14		 a year crt.sh
*.aaxdetect.com
DigiCert Secure Site ECC CA-1		 2020-02-11 -
2021-05-12		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.api.boomtrain.com
Amazon		 2020-12-16 -
2022-01-14		 a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-10-15 -
2021-04-09		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
app.zetaglobal.net
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
rumcdn.geoedge.be
Amazon		 2020-10-02 -
2021-11-03		 a year crt.sh
player.spotim.market
R3		 2021-03-02 -
2021-05-31		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2020-02-26 -
2021-05-27		 a year crt.sh
sync.spotim.market
R3		 2021-02-05 -
2021-05-06		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon		 2020-11-18 -
2021-12-18		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
hb.spotim.market
R3		 2021-02-10 -
2021-05-11		 3 months crt.sh
p.appixcdn.com
R3		 2021-02-13 -
2021-05-14		 3 months crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-28 -
2021-04-13		 a month crt.sh
ghb.adtelligent.com
R3		 2021-01-06 -
2021-04-06		 3 months crt.sh
onetag-sys.com
R3		 2021-02-10 -
2021-05-11		 3 months crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-18 -
2021-03-17		 2 years crt.sh
*.google.dk
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
protect.geoedge.be
Sectigo ECC Domain Validation Secure Server CA		 2020-01-29 -
2022-01-28		 2 years crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.id5-sync.com
R3		 2020-12-26 -
2021-03-26		 3 months crt.sh

This page contains 73 frames:

Primary Page: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Frame ID: 1821A1C881B525A29FD8BDA49A020394
Requests: 409 HTTP requests in this frame

Frame: https://cds.connatix.com/p/106673/connatix.playspace.dc.js
Frame ID: C2D3EC9BD53E8C77F74CFAEC965F8617
Requests: 11 HTTP requests in this frame

Frame: https://cds.connatix.com/p/106673/connatix.player.dc.js
Frame ID: A793A7DFD6ADBF53A7B593D702FE9A22
Requests: 1 HTTP requests in this frame

Frame: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Frame ID: 769436EE7D3A8291B6A94C2EFCC95CBC
Requests: 34 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 7DB94B4DD60545D462868CCB80C7797A
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 7CC1EE16AEA6D1CE43D4F604A696D30D
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: B4021CA07E28A35991B96C10AEBA616E
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 149361F921AC999E9FB4F11B5A4F9633
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: DD109CD0321DE5FADB8AE7BC5360FAA4
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01en?s=&cim=&ps=true&ls=true&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: CAF86B4994F3A273A0921C97EF665E28
Requests: 8 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Frame ID: 350BA4B835D5C36A2C17D8DBA78D92B1
Requests: 14 HTTP requests in this frame

Frame: https://scdn.cxense.com/sp1.html
Frame ID: 18CCC0643B09DA5998FE9BA82CD5C978
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: B35D34A343E2EEB8F883692FFB10BCC8
Requests: 11 HTTP requests in this frame

Frame: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 7FB9048AF42A6D0E146DFAD4BC3C7597
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzsgagki5G5THvv6etMoaukmt04uVNgcpiQQjlb4GfrYWe3z4QDrFZQICmrt81U11Cs2rQqHe9BO5epGh4GtpjQJTdX29IZwsTU2siN5qNoS80p9oNmpGfxramy2tOWM437xtPA2fYT6JvaWvLcR9aJKyjciF8TcWki-BOwDXvCCv10G717WLX1gf9mfJ9GH1Zc3Y59yBlcMV7Qra5QUjB_1WjJ81k4LCDnGgWHWs_MtaqxBBLGxDZ8edYBw3BN9f8_1fSh7XckPVTaQqGTMHoV0299uMTsk9rXClQDeWNiw8ZifE2QLdNNvUgKw-qCcX0JQWEBI4&sig=Cg0ArKJSzEfGd70fjYKjEAE&urlfix=1&adurl=
Frame ID: B31B2125968CBD6B473D252EB72BEEBB
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 8CE924E333C02E78F8005975FDE15F1E
Requests: 12 HTTP requests in this frame

Frame: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: D3D39C393D798C94407E628C9FA9A2DE
Requests: 7 HTTP requests in this frame

Frame: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: CCF75F42B518A7689108923FABDE3DD4
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm0yRWcxu8gOOVaX0LUeB7hB_1jHf990MhNsgd8JzXOqdiv8Z6Rk0BsQstTcsR4xxC8pquZIjePzqbjsIyw57wrenbae1qKgu7pKrN0mOd0fBLX90BmR8gv055P6ZvoQhiusS1wEBx-jpxdFKWhT5OApZbDQrCAhSu5CTnENm620FRwd5YLLyjyt7UWZOFKak9zPj0tIKJpGYKOI06XcNWqKxLWUMkv-ppgnTIOeBYwTRljUKrHRpDg3yIoJAbvL_ZZE31w4ET31ubYtnVpvJWSj78bROOG537t0RSdfC2q9G2LD6XyPNBkcksHyYuAE_YWHrk&sig=Cg0ArKJSzEsF0tdr6Ak9EAE&urlfix=1&adurl=
Frame ID: A001DB80D10414E205F828722438F7B9
Requests: 13 HTTP requests in this frame

Frame: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 7320342D973F93D85384BE5D89A2D9F4
Requests: 7 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/ajs.js
Frame ID: 93EBD03460D0D0CEEA3F160DAC0C5C41
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Frame ID: 0CD3F182223B6112E0AE413AA6F5E7DE
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkQ1wCTlEYKynHsr63gPk-L6AAanMmbhcz52P9MkLloLNhYgWEAEggJbvEGDRgbmC0AegAfGP284DyAEJqQJz6XqkXn-FPuACAKgDAcgDCKoE1QJP0B5VdDf-BOjZqd37aIYQgvbNopllQvtUiL-Qy2E-Eht2JEasYd5lchsLFJlE9nzUwPqCKBoJ4um1mxSi5_UniUbLv5B-4G8d3I1IxRyQC1oRQ8jQGbSaryVyWdop7ZSa34DLqeywfoxpOFC8kKQ2q_EfDsQZlDHcQrOqcLWaDjB1LffGgWhgcRFjjuSJpBMHJYCT0NzN0ho4RTKZpeVXkdCy2_cCIVSqcuVNlIn8DTXedA8kXAXf6ZcXkZP30EfVfZVAFVIjN7Q5WJoWVFV9bhNFfSHVR_AiHr0ieEP5dArRdZzIWFpfF-A4h32SWtxU0a8sfXvLjW8vupjgLDNcuz9L6u6krP07vpH3Jehz9lWtP0PiFWnPhO1c7PjWCSL4g2nWgx_vBJENQB1xUm5M4rcKjoZDVjsF1Z5-8Z3hNj5AUD3S0irc96sOCS1xTgMiSfw_48AE0O6c64gD4AQBkgUECAQYAZIFBAgFGASgBi6AB_fvpDGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQvtEn0ggJCIDhgBAQARgdgAoDyAsB2BMNshcaChgIABIUcHViLTA3MTc0NjkzNjg0MDYyNzY&sigh=qY1d9fHeGCs&template_id=419&tpd=AGWhJms3vCcJolEGTM96jr_72OwlMQyj_-lwFES52GZyfsor-A
Frame ID: 7646B5B7122A38825E275BF0EF7C2A0A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Frame ID: F2EAB6CA58C24BAC9B95895DB14720C9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/index.html
Frame ID: 6BD2ACEB4FDF57D93F780D094A5F182B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A120FC2E3F6B1227973EF8944D8DF41A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html
Frame ID: 820EDBFFF315AFB31424670098D0FAD1
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/index.html
Frame ID: 1A3CB3EAE0F0553D447B29930DA941AB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C261EF19A4D8F2EB21091BAF6FE89928
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E99CDAB8B90097D486338E9BFB60A961
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D8226D13CC2FA924CFA315CE028FA715
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9595286865800821&output=html&adk=1812271804&adf=2751417942&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615083787111&bpp=12&bdt=1284&idt=633&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dd2d6223518cb0b0e%3AT%3D1615083785%3AS%3DALNI_MbSI0dhSn1IaI7RdilLRYMXQhYiJg&nras=1&correlator=8261809594697&frm=23&ife=1&pv=2&ga_vid=677044234.1615083788&ga_sid=1615083788&ga_hid=735846756&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2696519191&scr_x=0&scr_y=0&eid=21066923&oid=3&pvsid=81111569845521&rx=0&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8196&bc=31&ifi=1&uci=1.m8h21l21m1rl&fsb=1&dtd=912
Frame ID: 764CEA75DD0D559972A0661EF4905FDC
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 254A2B3DC712D67094A4B7D2FD07F2A4
Requests: 40 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 6BB55105280B6B7D1E863648D79CD613
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Frame ID: 2948A6E1490F7AE769AC1B335ED6A574
Requests: 10 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
Frame ID: 5B8D55FEE6FF095F7C84D2C30A14A2D4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 47CD34F7A03B8FD247B591E56BB1E54C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DC5739F455A8F1EA06E3FF3976ECD974
Requests: 2 HTTP requests in this frame

Frame: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Frame ID: FA62079D45EAF4F5B9AEB5468C369007
Requests: 16 HTTP requests in this frame

Frame: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Frame ID: 05E420470F2768178E8492D1DFE0702D
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 57CE24672A4D46BA4C6F39A14C9C9401
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=dk
Frame ID: 8CBCFF5223753608175D2D6EFA41FF04
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=dk
Frame ID: 88F92A4AF5BF210E6FDF1C59EF6D545A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AC56546C2206944BD1C763C98498B6CE
Requests: 25 HTTP requests in this frame

Frame: https://p.appixcdn.com/prebidlink/18693/j.html?i=6963
Frame ID: 1C81CDFDFB794937939A47D195680E5F
Requests: 10 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: FE6313CB23E0DE6ED6E19701EA000A1B
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 58C8C77813D5C1F82A0C9B2F9D9C656C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9215194089315272675
Frame ID: 9CA3326567575771CC103658B70B0C00
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 9AAEAAFE58789229B3F1BD3045F58DD6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936732122777254029
Frame ID: FE249FC97C42E660ADFFB4DD2C6B4C65
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=DIYWibop2RXAtFaRhf87Wbdv
Frame ID: 5F7E2C0D75650E70DF7A81038F45E1FE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003
Frame ID: C37B0CB47B97343AEF774D7CDC621A35
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 1FAC1EDA70BF607B59CE9FCA599DF473
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1E7769E737EB168E6273142F1119F4DB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=blKkuo6nwkdh&pid=557219
Frame ID: F2868CCAE258672FC48B7877A84628BD
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=835515c1-11d7-4376-8030-a4700622c51f-tuct73dbe8d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: AC15326D91ABE9D225E4DEE2F3639B03
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPZgl6Pa1LiJ4E5&gdpr=0&gdpr_consent=
Frame ID: AF5E9267A694396722B7347C7F4E8580
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: C6BAC8AEAA1ED4366D715173D8F1D603
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=D3D14F32-36CD-4416-B829-D45C55888FE8
Frame ID: E699E929D11780449C6FBA63C4197934
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 623040F31D5F14AB7EC088BAB8210236
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Frame ID: 5AB866836A1CAAF0F985294A2AE1F85D
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=55&key=1464628836493193853
Frame ID: C62D953FFBF7F568AE3FC36B9397725C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D1%26key%3D
Frame ID: A3A2C2B421A0FF8D946B09BB074D4EC6
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 6823A44563DEB1A4291347F912E3C927
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=2&key=0eab7120-7eec-11eb-a660-1a7ccaea0406
Frame ID: 91EDC1A27C28A1E8BD226BD062B53E13
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 9B0D796BAB48F18F2FA5676ACAFC4476
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Frame ID: 93ACF61139481F3219E4B4DED4CBBF34
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1615083793157
Frame ID: 21193F21DD594C6050F9D2E827944D03
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Frame ID: 72F389E4F33234B7A707F97219C835EF
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: FE65C5C09EC83E4E69A41BF4DCB23BFA
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7DAE4556C5B24C46DAB823CC84E32147
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.washingtontimes.com
Frame ID: 20EE690018E3BD58FF35A92546AEA846
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: A385F34F95CBE75EAA0DBC828187DF1D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mlrc.informz.net/z/cjUucD9taT05ODk4MDQ2JnA9MSZ1PTEwMTA4NTgxNzImbGk9ODQ3NTMyMjk/index.html HTTP 307
    https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

845
Requests

95 %
HTTPS

32 %
IPv6

126
Domains

226
Subdomains

155
IPs

11
Countries

7410 kB
Transfer

19089 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mlrc.informz.net/z/cjUucD9taT05ODk4MDQ2JnA9MSZ1PTEwMTA4NTgxNzImbGk9ODQ3NTMyMjk/index.html HTTP 307
    https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 59
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/106673/connatix.playspace.dc.js
Request Chain 60
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/106673/connatix.player.dc.js
Request Chain 69
  • https://html5-player.libsyn.com/embed/destination/id/1419779/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/ HTTP 302
  • https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Request Chain 71
  • https://api.innerskinresearch.com/alternAdImpression?id=id0&path=%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&date=3%2F7%2F2021 HTTP 301
  • https://innerskinresearch.com/eu/
Request Chain 86
  • https://sb.scorecardresearch.com/b?c1=2&c2=17692074&ns__t=1615083783738&ns_c=UTF-8&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17692074&ns__t=1615083783738&ns_c=UTF-8&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&c9=&cs_ak_ss=1
Request Chain 154
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=0643535D75F743C7824143E74D76597F&RedC=c.clarity.ms&MXFR=0BE0B0A23D7B66EC3FB8BF51397B680B HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=0643535D75F743C7824143E74D76597F&MUID=2817EB1994BE62610127E4EA956C63E6
Request Chain 163
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1615083784346&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1586410%26time%3D1615083784346%26url%3Dhttps%253A%252F%252Fwww.washingtontimes.com%252Fnews%252F2021%252Fmar%252F4%252Fbiden-administration-sides-with-cheerleader-in-fir%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1615083784346&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&liSync=true
Request Chain 164
  • https://sb.scorecardresearch.com/b?c1=7&c2=9248945&c3=100000&ns__t=1615083784428&ns_c=UTF-8&cv=3.5&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=9248945&c3=100000&ns__t=1615083784428&ns_c=UTF-8&cv=3.5&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&c9=&cs_ak_ss=1
Request Chain 165
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-01en&wpn=lc-bundle&pu=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&se=e30&dtstmp=1615083784429 HTTP 302
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01en&wpn=lc-bundle&pu=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&se=e30&dtstmp=1615083784429&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Request Chain 197
  • https://assets.libsyn.com/secure/item/18202610/?height=90&width=90 HTTP 302
  • https://ssl-static.libsyn.com/p/assets/4/b/b/8/4bb8453246b03bb5/height_90_width_90_FP_1400x1400.9.png
Request Chain 210
  • https://assets.libsyn.com/player_logo/199565?theme=custom HTTP 302
  • https://ssl-static.libsyn.com/p/assets/platform/html5player/libsyn-player-custom.png
Request Chain 243
  • https://ad.doubleclick.net/ddm/trackimp/N1114924.1984505OUTBRAIN/B25209449.293404736;dc_trk_aid=486880299;dc_trk_cid=144677242;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?&obRequestId=tXjQ_-CsnM9Fe2OblyFRglIc0EetFS9vtbLofrA2AokRBK3YdXFrLF9ox8vrsVxN&obTimestamp=1615083784237 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1114924.1984505OUTBRAIN/B25209449.293404736;dc_pre=CN3FuPqPne8CFevtuwgdK6kFFQ;dc_trk_aid=486880299;dc_trk_cid=144677242;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?&obRequestId=tXjQ_-CsnM9Fe2OblyFRglIc0EetFS9vtbLofrA2AokRBK3YdXFrLF9ox8vrsVxN&obTimestamp=1615083784237
Request Chain 336
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01en%2F0%2Fe1e8ed17237646a5b7776f6c1cde153e%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&20330a1b-6525-4f3a-bb3e-d1566a2846de HTTP 302
  • https://i.liadm.com/s/e/a-01en/0/e1e8ed17237646a5b7776f6c1cde153e?mpid=7156&muid=947b6044-390a-4800-803f-30e22cd69a94
Request Chain 337
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e1d875cd-72bc-4fe9-8414-488e29ed2798 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e1d875cd-72bc-4fe9-8414-488e29ed2798
Request Chain 338
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=20330a1b-6525-4f3a-bb3e-d1566a2846de&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01en%2F0%2Fe1e8ed17237646a5b7776f6c1cde153e%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=20330a1b-6525-4f3a-bb3e-d1566a2846de&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01en%2F0%2Fe1e8ed17237646a5b7776f6c1cde153e%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-01en/0/e1e8ed17237646a5b7776f6c1cde153e?mpid=82775&muid=43916833738364859912040690386094620844
Request Chain 339
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=20330a1b-6525-4f3a-bb3e-d1566a2846de HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=20330a1b-6525-4f3a-bb3e-d1566a2846de&rd=Y
Request Chain 340
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=20330a1b-6525-4f3a-bb3e-d1566a2846de&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=20330a1b-6525-4f3a-bb3e-d1566a2846de&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=0bb0d2bf-9b98-437f-ab1c-0e86342894db
Request Chain 341
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=20330a1b-6525-4f3a-bb3e-d1566a2846de HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=20330a1b-6525-4f3a-bb3e-d1566a2846de HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dliveintent%26bsw_param%3D0bb0d2bf-9b98-437f-ab1c-0e86342894db%26gdpr%3D%26consent%3D%26gdpr_pd%3D
Request Chain 343
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 417
  • https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Request Chain 418
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 419
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
Request Chain 422
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=1464628836493193853
Request Chain 423
  • https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=0e9070ba-7eec-11eb-9cba-1d66682b2806
Request Chain 424
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e99e444-7eec-11eb-bc23-02ae808367ac HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e99e444-7eec-11eb-bc23-02ae808367ac&verify=true HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-.BAU0Nd1l2bvPJey_kzQX8lZI9xAlfQD~UP0e99e444-7eec-11eb-bc23-02ae808367ac
Request Chain 425
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=0eab715b-7eec-11eb-a660-1a7ccaea0406 HTTP 302
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=0eab7120-7eec-11eb-a660-1a7ccaea0406
Request Chain 434
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 442
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 457
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 477
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 478
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1464628836493193853
Request Chain 479
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=3415464f-4790-00d0-1156-3fa10c0c8a4b
Request Chain 480
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e99e444-7eec-11eb-bc23-02ae808367ac HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-1IgDbpJ1l2ZC3slubNiVSZjScQcDfl8O~UP0e99e444-7eec-11eb-bc23-02ae808367ac
Request Chain 481
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=e1d875cd-72bc-4fe9-8414-488e29ed2798&ttl=1617675789
Request Chain 483
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1f54fcc36d628bfe6408e77a207fcd9b702a1cfa
Request Chain 493
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 513
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEQ5DOXDLEHXvkPbcd.ClQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDqeJgyPGlXNrzYwd-dkZoI&google_cver=1&google_hm=2
Request Chain 514
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEHANlgl3ohNFCX9kQrGmIOw&google_cver=1
Request Chain 515
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB&dcc=t
Request Chain 518
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05f62204275fbcf4653ce22a&expiration=[EXPIRATION]&gdpr=1
Request Chain 519
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9B22640F01CB42CB8B2DC173A2B39BAB&gdpr=1
Request Chain 535
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9215194089315272675
Request Chain 537
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936732122777254029
Request Chain 538
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=DIYWibop2RXAtFaRhf87Wbdv
Request Chain 539
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2936490194 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2936490194 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/96eb8459-8283-47a7-8f41-2ad0c236f9e1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003
Request Chain 541
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 542
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=blKkuo6nwkdh&pid=557219
Request Chain 543
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=835515c1-11d7-4376-8030-a4700622c51f-tuct73dbe8d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 544
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPZgl6Pa1LiJ4E5&gdpr=0&gdpr_consent=
Request Chain 545
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 547
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=09FPMjbNRBa4KdRcVYiP6A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 549
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D3D14F32-36CD-4416-B829-D45C55888FE8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D3D14F32-36CD-4416-B829-D45C55888FE8&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 550
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D3D14F32-36CD-4416-B829-D45C55888FE8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D3D14F32-36CD-4416-B829-D45C55888FE8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D3D14F32-36CD-4416-B829-D45C55888FE8&addseg=29
Request Chain 551
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDNEMTRGMzItMzZDRC00NDE2LUI4MjktRDQ1QzU1ODg4RkU4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 552
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDQIJ5xD1jRQ5LV-f2HAWc0&google_cver=1
Request Chain 554
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5384953386480437165
Request Chain 555
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:947b6044-390a-4800-803f-30e22cd69a94&gdpr=0&gdpr_consent=
Request Chain 556
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1d875cd-72bc-4fe9-8414-488e29ed2798
Request Chain 557
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1464628836493193853&gdpr=0&gdpr_consent=
Request Chain 558
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D3D14F32-36CD-4416-B829-D45C55888FE8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HclQy9B1l2InULCFknP7eBP9ftPJ8o0-&gdpr=0&gdpr_consent=
Request Chain 560
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8263388018784814492&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 561
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1h9KP9MWTjPNSko7gh1Tb9IXRm3NFhpo1xhctjy8
Request Chain 562
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3D0bb0d2bf-9b98-437f-ab1c-0e86342894db%26gdpr%3D0%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=09a7c9b0a6b54fc88bbcb2378f686efd&ssp=pubmatic&bsw_param=0bb0d2bf-9b98-437f-ab1c-0e86342894db&gdpr=0&consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=354&user_id=09a7c9b0a6b54fc88bbcb2378f686efd&ssp=pubmatic&bsw_param=0bb0d2bf-9b98-437f-ab1c-0e86342894db&gdpr=0&consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=48398044-6b02-43b6-ac81-2c942856e6f5&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 563
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YEQ5EQAAAG4Duizr HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEQ5EQAAAG4Duizr&gdpr=0&gdpr_consent=&_test=YEQ5EQAAAG4Duizr
Request Chain 564
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 566
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d2e7e4db-65ce-41ae-80f4-07340cdd1b33&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 567
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1464628836493193853
Request Chain 568
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_6c4023b5-ec99-4d47-91b5-b3cf6ccdf999
Request Chain 574
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/07cyBqjZ9ClF5yIb-l2b2A?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2431745423828351792
Request Chain 576
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=947b6044-390a-4800-803f-30e22cd69a94
Request Chain 578
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLYJ6NQF-E-HJHK&sigv=1&esig=2~ebf90c5918bfd3b4928bfd25f3f90cdc773fde7e&us_privacy=1---
Request Chain 579
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xZSjZOUUYtRS1ISkhL&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xZSjZOUUYtRS1ISkhL&us_privacy=1---&google_tc=
Request Chain 580
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YEQ5EQAAAKryAyrK HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEQ5EQAAAKryAyrK&us_privacy=1---&_test=YEQ5EQAAAKryAyrK
Request Chain 581
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFnjK-tIga6p4D5AvzwUnjE&google_cver=1
Request Chain 585
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 588
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.washingtontimes.com%2F&domain=www.washingtontimes.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=7yGAeXxpeEVEZDBrN0REQXJGSFJQT3FvUzRrdHlXb2VYR1ZYb2dmcnJXdVJPbytKQS9ONEVYNjkybEFpclIrMDNSTmFmOFlFWC95TDRCYlpGRVc2bzE5eVhMSW91Vzc0NCszemFSV3hPNURrNFg0azl0SjBQV21KWEM3eHZ0cVhYek1CczFrOG9yQWg5dDJBcE1QMHViaXN6NDRaYTRGT1BOWTB1OFVncS9EaHNDdWFHUXZMa3dmSzFNdkJlaWpFcmU3TjVpMkxQckc3Y2t4Ym81TFFOYUtXVTl1M2RTcmxhUnVmN0NOWHhOZG4rU0RXK2l4QXNhQi92c05ZRlpDZVowZ0MvfA&cppv=2
Request Chain 606
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=55&key=1464628836493193853
Request Chain 609
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=2&key=0eab7120-7eec-11eb-a660-1a7ccaea0406
Request Chain 610
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 611
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Request Chain 716
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
Request Chain 717
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=98906044-3913-4a00-af8c-682da52c8689&gdpr=1&gdpr_consent=
Request Chain 718
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3830289724515486934
Request Chain 721
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29b742c1-c215-4d7b-b335-09719e4b3114 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29b742c1-c215-4d7b-b335-09719e4b3114&C=1
Request Chain 722
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=mjHfR8Gn1LiJ4E5&gdpr=1
Request Chain 723
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dd68768a-93fb-48c4-ad5c-86be3d2d9a21&expiration=1646619797

845 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Redirect Chain
  • http://mlrc.informz.net/z/cjUucD9taT05ODk4MDQ2JnA9MSZ1PTEwMTA4NTgxNzImbGk9ODQ3NTMyMjk/index.html
  • https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
123 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.109.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-109-163.compute-1.amazonaws.com
Software
/
Resource Hash
651aa40c0caa18e5e1ac5d9a21cdabfaeb148e6e89cfbd29037c2315b79831f6

Request headers

:method
GET
:authority
www.washingtontimes.com
:scheme
https
:path
/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-type
text/html; charset=utf-8
content-length
33279
content-encoding
gzip
etag
W/"2ef38ede5fa0ab9480cd7049583c8f97"
vary
Accept-Encoding
x-backend
web01
cache-control
max-age=3600
x-cacheable
YES
x-varnish
112764673 109548628
age
1516
via
1.1 varnish (Varnish/6.0)
accept-ranges
bytes

Redirect headers

Date
Sun, 07 Mar 2021 02:23:02 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Set-Cookie
AWSALBTG=DYwulFo7LMt9SAsxlCmNQSNT2xffDf63FaKA4mAiBfg85Z/Zjvkv2pwbXiNnOTa5Cs1iC2MH6OQ8419eroET/u77rr430i8YDsadaqkmWzYEuRdO8knnOkjFy1nHZllSDvCkPedGU0RsUurS4Hkn/po1aYuQYgzVGHnr/H7Ze18tKuA76YY=; Expires=Sun, 14 Mar 2021 02:23:02 GMT; Path=/ AWSALBTGCORS=DYwulFo7LMt9SAsxlCmNQSNT2xffDf63FaKA4mAiBfg85Z/Zjvkv2pwbXiNnOTa5Cs1iC2MH6OQ8419eroET/u77rr430i8YDsadaqkmWzYEuRdO8knnOkjFy1nHZllSDvCkPedGU0RsUurS4Hkn/po1aYuQYgzVGHnr/H7Ze18tKuA76YY=; Expires=Sun, 14 Mar 2021 02:23:02 GMT; Path=/; SameSite=None
Cache-Control
private
Location
https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=86400
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin
https://www.washingtontimes.com
Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1615083783.dop160.fr8.t,1615083783.cds261.fr8.hn,1615083783.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
prebid2.44.1.235e1c61f2a9.js
twt-assets.washtimes.com/js/ 		238 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385f5b822603705c87f8a2556d010cbd01a2e2d57d7240790a2ed2776f41cba9

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web5
age
9702012
content-type
application/javascript
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dc99000010b5229be000000001
last-modified
Tue, 03 Nov 2020 21:44:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fuLUAFlwVTwa5upbkqydredGMGGiCgIHd5HGTOokjhzmy2PTVFqFdY3E%2FOYt0hGtzRN7Af18WC4Ug7Yl6vc8NsHxEcPYYtZPdiy5VUEv2Uy0Bg9R%2B4qk%2BJg%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
21048089
cache-control
max-age=21833987
cf-ray
62c05c0dcffd10b5-CPH
expires
Sun, 14 Nov 2021 19:22:50 GMT
gpt.js
www.googletagservices.com/tag/js/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e94f4426e2a0165d50a9b25f375357ef06922ad522ca096a5ed3f83efd5b4e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"804 / 125 of 1000 / last-modified: 1614985848"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19735
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:03 GMT
twt_app.26f6f8f49db8.js
twt-assets.washtimes.com/js/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2aac98311995e600b9372f92b29dbf5cf2402b7863e58d93e74bc873676c6e1

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web3
age
2513427
content-type
application/javascript
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dc99000010b5270bc000000001
last-modified
Mon, 01 Feb 2021 21:55:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BVTtLjKDsHFlLuDaMoQT9OCwiDrrpPx232CXMYZokKfTIaZ5jpv950ZM%2BdxHDrk9d6AXJD8eTvezJLH5dp6givoDGAmqlMd2dToGNDe9WLqMVYlHYz4Rd3o%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
758902
cache-control
max-age=29022573
cf-ray
62c05c0dcffe10b5-CPH
expires
Sun, 06 Feb 2022 00:12:36 GMT
story-politics.aa8eb1d263ab.js
twt-assets.washtimes.com/v4/js/ads/config/ 		344 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://twt-assets.washtimes.com/v4/js/ads/config/story-politics.aa8eb1d263ab.js?corona
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4466c20d8801a2f52d51509c6293f57f2595dad2e3047f49888c3a745acf50cb

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web1
age
2492067
content-type
application/javascript
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dc9a000010b58894b000000001
last-modified
Wed, 29 Apr 2020 19:52:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=foPi9UEqNfRclXx7ixy4g7EiJalEWy8zS4eIrYYnSIkNW66rL5jLMXeX%2FOaSoTWJ7Hn3M4%2FQJxuqqSCAljJEoHQzDGNLj4ZhhyDJosjFuq5EWWyvcGIqpoY%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
1779023
cache-control
max-age=29043933
cf-ray
62c05c0dcfff10b5-CPH
expires
Sun, 06 Feb 2022 06:08:36 GMT
shareaholic.js
dsms0mj1bbhn4.cloudfront.net/assets/pub/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:c:d51b:4400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c1ba1e480233e53f5346f2ca64fb2b6b79ad7d1ddf0042124202484379c92693

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:22:45 GMT
content-encoding
gzip
age
24
x-cache
Hit from cloudfront
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
content-length
3700
access-control-allow-origin
*
last-modified
Fri, 05 Mar 2021 15:41:43 GMT
server
nginx
etag
"07f81aa751d834693290c34560d4bfbb"
content-type
application/javascript; charset=UTF-8
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
cache-control
max-age=1200, public
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
nay-UnxotPfslH5cOY2GSUv3-WcZPlwT6FEM3ZeT2IeVwCeGUqsZUw==
global.038576814fc3.css
twt-assets.washtimes.com/css/ 		158 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twt-assets.washtimes.com/css/global.038576814fc3.css
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee2b1a6f557ff4137385e35aabcd6797c34e98d8c8171c022e2132524a9a4e1

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/6.0)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web02
age
1379740
content-type
text/css
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dc99000010b525326000000001
last-modified
Thu, 18 Feb 2021 22:56:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VNaI9Vi3yyfMoaFt4uSiUyoXehPCZA34lcvtonLnkLY87gPHlEqcAW7KEpVcssDPlrRKcES9MSOd06SW68jMcWaTRRhkRDvOIkJBFUlBMCTs2M3ANoso79E%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
347318
cache-control
max-age=30156260
cf-ray
62c05c0dcffa10b5-CPH
expires
Sat, 19 Feb 2022 03:07:23 GMT
main.a257c8c1a80a.css
twt-assets.washtimes.com/sass/ 		56 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twt-assets.washtimes.com/sass/main.a257c8c1a80a.css
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03cfa10f4ff3b40acc222b9961a21dcae96ed93dab7247d8ec0b4078e928a29e

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/6.0)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web00
age
253267
content-type
text/css
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dc99000010b525baa000000001
last-modified
Wed, 03 Mar 2021 03:09:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MahG59CHYSPyicCgD8ryiNpJnCTovlTcyiOGqa5SWqCN6kfpqhwvJhqix55YHo0BIILXdr%2FnpdPHYWUqe0MyfkQYa5cTCvKrVPq2wemvNqhbK9cwxVx9s6U%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
71474785
cache-control
max-age=31282733
cf-ray
62c05c0dcffb10b5-CPH
expires
Fri, 04 Mar 2022 04:01:56 GMT
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Montserrat:400,700|Signika:400,600
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c405a83e669ee5d0a63bf49d29ab0c302bafb6641f00a4fe213a861a3f0d68c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 01:20:19 GMT
server
ESF
date
Sun, 07 Mar 2021 02:23:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 02:23:03 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
218568
cdn-cachedat
2021-03-04 14:40:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dc6800004e2cb1300000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
MISS
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d18464f154fcc002970f2feafa110ad6
cf-ray
62c05c0d7e344e2c-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
story.a2dc352edd5f.css
twt-assets.washtimes.com/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twt-assets.washtimes.com/css/story.a2dc352edd5f.css
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38761bac34825034d9bf5e8614f5322874727b3cf9f63d68d568f7fa0e712695

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web2
age
2513089
content-type
text/css
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dc99000010b59a3f2000000001
last-modified
Thu, 04 Feb 2021 23:32:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a3KMl1wJFFO9toIkWDGbjl5c%2BR3ectnVFe8F4wYsN1SOZOCkYRd5RPdfNc%2FHPSIQwgPW9kkuZiQT8f7IN25z5ybKRruLgSSy0MU1rxhzdkakANIy3bEqkOs%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
2526457
cache-control
max-age=29022911
cf-ray
62c05c0dcffc10b5-CPH
expires
Sun, 06 Feb 2022 00:18:14 GMT
TWTlogo3.5238e37e24b5.png
twt-assets.washtimes.com/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-assets.washtimes.com/images/TWTlogo3.5238e37e24b5.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2958e3b7f04c4b955a3c2c4d010ac05d8260dc0ca26b59c3ebdcf7f231aa83ae

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web2
age
9702110
cf-ray
62c05c0ea8ce10b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9322
cf-request-id
08ac17dd2c000010b51889d000000001
last-modified
Tue, 02 Apr 2019 21:49:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qAuukEEbuO6lfnuLRMPIkg2Nimog7Nw2%2B4%2BUhi3I1t6Hrq2Az7ss6D9OdtFVUDiEs0iAOO50Qi72CMsjAeJiEXMICydb7fNBz%2BeJWQPEGsfuBof1UnIQfa8%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
124598193
cache-control
max-age=21833890
accept-ranges
bytes
content-type
image/png
expires
Sun, 14 Nov 2021 19:21:13 GMT
WLogoNoBack.b80e1949f96a.png
twt-assets.washtimes.com/img/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-assets.washtimes.com/img/WLogoNoBack.b80e1949f96a.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb8898b0e38e36436a5ef997551a44acf2febde285876557e44be8940b98796

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/6.0)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web00
age
253267
cf-ray
62c05c0ea8cf10b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26855
cf-request-id
08ac17dd2c000010b5a12d8000000001
last-modified
Thu, 18 Feb 2021 00:17:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HkRKvdWFhh1NROBVWW4ShLxVwHS2g4lhnh3fjBWyP4sJw0X3ulxDN26welQAXJ7dFvnDwhkziPozDzWVsdEVLE0aSKeLEmTTVJFKsEluDKI7J7eMc8aC%2BTg%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
71506881
cache-control
max-age=31282733
accept-ranges
bytes
content-type
image/png
expires
Fri, 04 Mar 2022 04:01:56 GMT
CHS_1400_x_1400_c0-0-1400-1400_s65x65.png
twt-thumbs.washtimes.com/media/specials/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/specials/CHS_1400_x_1400_c0-0-1400-1400_s65x65.png?dc490f8254460a2b3d9942f04bc6121fe02a99a2
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa63c2e8d73aaff6e812bd11986905d56ba316bd3c3c24e4a2c76e45c911c21d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
190293
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5856
cf-request-id
08ac17dd32000010b517886000000001
server
cloudflare
etag
"760c5fbf1353ca6009cc2ea9dcf6d9ddc2ee4d04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BSXglw0qAZUrl6VJjYVGhm1fKmf%2Ff3z%2B5SMA8q43eVobhLwvVDxO4quxRtSppNEDYw0QeLtCqerKbLIQvY3YvXMS08DGkbvtgPJxFKgCjMYO7KCZrmVNCIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0eb8dc10b5-CPH
expires
Fri, 05 Mar 2021 21:31:30 GMT
Cheryl_1400_1400_c0-0-1400-1400_s65x65.jpg
twt-thumbs.washtimes.com/media/specials/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/specials/Cheryl_1400_1400_c0-0-1400-1400_s65x65.jpg?dc490f8254460a2b3d9942f04bc6121fe02a99a2
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7d52b3c90b7aa9153106c34a11d1cde9341788368118f971631f623ae1e42a

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
164981
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5446
cf-request-id
08ac17dd32000010b51825a000000001
server
cloudflare
etag
"c899357cf3c5f83ad4a41f54cc8a1b0bbebf4b6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ettITfcByAeSbkpiMiEIMTDu%2Bzn5%2B0Or3o7XEDcx00WM4Jjqgu5yV6KOKAYIp1ziYzWWARGFDL5VBzv%2BPLRXFWE9OiD0xSrsQhp86KifSNPTbxJ%2Fg0E3x7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0eb8de10b5-CPH
expires
Sat, 06 Mar 2021 04:33:22 GMT
HAIH_1400x1400_c0-0-1400-1400_s65x65.png
twt-thumbs.washtimes.com/media/specials/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/specials/HAIH_1400x1400_c0-0-1400-1400_s65x65.png?dc490f8254460a2b3d9942f04bc6121fe02a99a2
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e19c66d1ed8bf66a90530f77503e7ce2181f776a41b3fe331529485ea4f7498

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
190354
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5693
cf-request-id
08ac17dd33000010b5171c7000000001
server
cloudflare
etag
"5ca5184c499c659a985b9366e119ff791406c3d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QiSD1bgat6PHiChr9U2IAXvElDu2wmagegJyFHdZ8ORbiaTp9riYq%2F1aY1VkEhVgNbaDdeKLrMHQpxg%2FRtwI9PZR8Ihn%2BnHmsfn13lY%2BMa0Cy6ry5ErN7aI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0eb8df10b5-CPH
expires
Fri, 05 Mar 2021 21:30:29 GMT
icon-facebook.0660d81626c5.jpg
twt-assets.washtimes.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-assets.washtimes.com/img/icon-facebook.0660d81626c5.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595534185225c45c173b18748c071fcd7b4c823d8b2dff76c4d91f948658f5fe

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web3
age
4703085
cf-ray
62c05c0ea8d010b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5114
cf-request-id
08ac17dd2c000010b55b920000000001
last-modified
Tue, 02 Apr 2019 22:02:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BRS2yygM3Jih28z7YxQiyEHZYBbYVLcm2%2FlkcyzroBFMTZGAWR9x%2FL7rUDybPxHMtKFM7zs6J9a9T8w7IK%2FbJJYayKz9hG5MNn0cjsvSIjxx1SIvF758YD0%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
31837189
cache-control
max-age=26832915
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 11 Jan 2022 15:58:18 GMT
icon-twitter.fc7373fc5e89.jpg
twt-assets.washtimes.com/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-assets.washtimes.com/img/icon-twitter.fc7373fc5e89.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f27985f1488a0b3a15971c67dabecc5e34399f60f86ef3a459f3f87e65da51eb

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web0
age
4703085
cf-ray
62c05c0ea8d110b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7359
cf-request-id
08ac17dd2c000010b59833d000000001
last-modified
Tue, 02 Apr 2019 21:36:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OLH8UEagsZ9lhGaq5eudugGzscb2eFTrAnkxluH8bLMLmjR7k3jG4%2B2VFuMGeUeSiakRFtG0FAKmaprMtJQVxQpozYaAelrGFzwgV0ZxWZgNGBy7XsTuBtg%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
34356533
cache-control
max-age=26832915
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 11 Jan 2022 15:58:18 GMT
icon-instagram.72fc92d824f0.jpg
twt-assets.washtimes.com/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-assets.washtimes.com/img/icon-instagram.72fc92d824f0.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23027b0ceadc3f02c856416e352750e87f4c0d3af29044acdbc44ca6ceba2a10

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web0
age
4703084
cf-ray
62c05c0ea8d210b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9121
cf-request-id
08ac17dd2c000010b58a885000000001
last-modified
Tue, 02 Apr 2019 21:36:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pPWp50yTgHMvoWX%2B6muSUqsQ%2FczwomYtR4UkX9rxxrsimvyqmEKZ%2Ba4oIFCVPs4jC7qpsnirNryI0Ti0KICJ2jPs%2BnSSaO4084plhW4hiM8TFKBDpn9O2iw%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
21621723
cache-control
max-age=26832916
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 11 Jan 2022 15:58:19 GMT
icon-rss.ecce5bc46ce2.jpg
twt-assets.washtimes.com/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-assets.washtimes.com/img/icon-rss.ecce5bc46ce2.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac25edac7d3cc3aacd7d498a8ea40a26129661150feaee612b18fb6aadcda021

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web0
age
1903191
cf-ray
62c05c0ea8d310b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9884
cf-request-id
08ac17dd2d000010b59a3f6000000001
last-modified
Tue, 02 Apr 2019 21:36:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ClAIIAkGtjNsF2UX2I7qYZkAfwZQ%2BBgtzDHUJKRiqdb5JrPsPuJpGxMVIoWSanajPaPajA5WIW22p%2F%2FVHhc%2BWvPkx1MD9SzV9wDX1X4zmvLSeji7aeCyRsg%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
36546228
cache-control
max-age=29632809
accept-ranges
bytes
content-type
image/jpeg
expires
Sun, 13 Feb 2022 01:43:12 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed12b8f75afb8edd258e8bcbd195c0a2e75ba94b4d87608ab3952e9e03cd0a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 13:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 23:41:31 GMT
server
sffe
age
46788
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3903
x-xss-protection
0
expires
Sun, 07 Mar 2021 13:23:15 GMT

Redirect headers

date
Sun, 07 Mar 2021 01:53:24 GMT
x-content-type-options
nosniff
server
sffe
age
1779
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:24 GMT
immigration-border_impact_40032_c996-0-3000-2004_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/26/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/26/immigration-border_impact_40032_c996-0-3000-2004_s85x85.jpg?95a6fc0831f51ee04e5cd780f8799f6757f57bdc
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb4f77563176b8d6d555bfff5310beb5aef0366c5f535cacb1aad192ab2739a

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509696
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3029
cf-request-id
08ac17dd32000010b5299e3000000001
server
cloudflare
etag
"66b2c9931405b2f3419170b8b180a0cddded6c66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R3z%2B9FesOOnxMZ5QJsbY0X84xeJuWNjHQLntF%2BlrXjiHF%2BGImVuqRGvm1Gb8dqEjjh05x6COzkuuF8tVsFukDo%2FZnl%2FfewJ2G0b8%2BnuyXaROHhfpKKGC9xQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0eb8dd10b5-CPH
expires
Tue, 02 Mar 2021 04:48:07 GMT
TVfirstNames-900_c188-0-712-524_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2019/05/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2019/05/09/TVfirstNames-900_c188-0-712-524_s85x85.jpg?b0254c8db5ed38f9c35532203153253ce3304a2e
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071585fa4034bc09ffe276b4b4e617a2d161c16c011d9403cfafdcee8f58cec0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509696
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3066
cf-request-id
08ac17dd4e000010b57fafe000000001
server
cloudflare
etag
"47e53d04a01c393402896a9b247328b9ee00fb2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YgyKMqCA4lrjezGfEubHXebq7JMzOdQ9mOd1EpEB71e703dZDmQBiJvRGyv5CZxMXs06Ge%2FaLHiFXt7QIYNWYUmhbzxzeqjUfxMo041LAXGNpquDfemsMuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0ee8fb10b5-CPH
expires
Tue, 02 Mar 2021 04:48:07 GMT
AP420829471184_c800-0-3335-2535_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/28/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/28/AP420829471184_c800-0-3335-2535_s85x85.jpg?fbe9c2720a5d8ee4835cc36a6ecc962e0ff6961b
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee1ba65d5d40147a33d44ca9562576b4a97404f5f669ebf4716db9f082619d0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509696
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2878
cf-request-id
08ac17dd4e000010b553b4b000000001
server
cloudflare
etag
"a41148969cd8f2fa0c44b0584a59b1fc7e5be478"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MMH%2Fd4c7LPzF8wRxYRLoTGlurNCyqMSZsOrdsI%2FFGOyRQyYKNar%2B%2Fb9lEEkDdRJHVrKM7yB3dLfFDxRTE3bD1nxbqDdILTFo2kfZvPqDlYXdV0Zc9hw6w5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0ee8fc10b5-CPH
expires
Tue, 02 Mar 2021 04:48:07 GMT
ap95111701682_c105-0-1209-1104_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2014/05/16/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2014/05/16/ap95111701682_c105-0-1209-1104_s85x85.jpg?9e9eb5d2b3b204065b17b6e46e4c560d2e310e29
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe55fdb128b3764be047413f3d4d7cdce074c1ea0d9fe01ec8f35f98031482c

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509073
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2602
cf-request-id
08ac17dd4e000010b51889e000000001
server
cloudflare
etag
"9ad9264b6b95fcbb12e7aeb01e0ffa16a5b74c56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q41HZmYU6bIxC7BDABoHcFM5Tjwc%2FzoVAvVzZwOq5kFO1yKGx1z%2FHCn9nhYKpFqX9o6OFgqGXCFnJgWz95fCzxQodVmDy%2F91uRg3OskNyd6roB3s9kEUA6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0ee8fd10b5-CPH
expires
Tue, 02 Mar 2021 04:58:30 GMT
Capitol_Riot_Disinformation_Nation_10756.jpg-e00bc_c564-0-2819-2255_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/26/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/26/Capitol_Riot_Disinformation_Nation_10756.jpg-e00bc_c564-0-2819-2255_s85x85.jpg?0c552bfda1775edbad9153ade0a8c921a916d441
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f409b87bfbdd4e573c1039b5a552af73cf43f8540d34c3eeec8b97961ce67b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509696
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3922
cf-request-id
08ac17dd4e000010b5a12d9000000001
server
cloudflare
etag
"d55e08c8dfba308c52cd4fe13514060ea5449ec8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f177yJ2cC75yOzj9xzVyK2n0dDqwoGIYgs%2B5E%2FYonjvHIwXVOyRZhXc0%2Fc6%2FEXS8FqZuPrfKv%2BDQN928afFXNsXFojHEuqF2BVHrycJ%2FpeWQxe5EA9PrrOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0ee8fe10b5-CPH
expires
Tue, 02 Mar 2021 04:48:07 GMT
gtm.js
www.googletagmanager.com/ 		130 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d547afec38b7ae7f97311731485d8ee0aa40fcbf97609f1e875c9225d5e4c541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47149
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Mar 2021 02:23:03 GMT
kistefos-sponsored-85.jpg
media.washtimes.com/media/image/2021/02/26/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.washtimes.com/media/image/2021/02/26/kistefos-sponsored-85.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caa1a2c22b72f120310ab2e0263a16450b10af67331ee8969dae1e6adc6a0b64

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509698
cf-ray
62c05c0f191610b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27782
x-amz-id-2
hX8Myn+vJpFitkNR3p8Co9SrD2zYownl94WInLAW96h/dYFGopAV3kr4OWNG4kAYx7As6jzcosM=
last-modified
Fri, 26 Feb 2021 23:27:42 GMT
server
cloudflare
etag
"283988f63760436cafa5d28f39501f75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AmVW%2FdE5JfprQV1FI%2BQyCtty%2FrWctMzcnR99phtaaTX6%2BfxYRLe396ft0DUmzg1gafqfLF2Nrq6G45ap4zsp8oBxgQbtJoIMV6scILGXxJZaa4N8"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
1D115400FBD74824
cache-control
max-age=691200
cf-request-id
08ac17dd6f000010b52532d000000001
accept-ranges
bytes
content-type
image/jpeg
bootloader.js
static.newsmaxfeednetwork.com/web-clients/bootloaders/Yb3HQw3wsNGDTDRBD3YMi5/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.newsmaxfeednetwork.com/web-clients/bootloaders/Yb3HQw3wsNGDTDRBD3YMi5/bootloader.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.45.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-45-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ea4a59dfdd08e04aae4dc11ceb75b47497ab4cf3caacc3e27ab8e78e0219f6a3

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cache-control
public, max-age=300
x-powered-by
Express
etag
W/"58e-GR3yFEJSwmYCpnwGiU3GUDfvGX8"
content-length
1422
content-type
text/javascript; charset=utf-8
everett-piper-350_s85x119.jpg
twt-thumbs.washtimes.com/media/img/staff/2018/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/img/staff/2018/everett-piper-350_s85x119.jpg?aa9e42ea593811e08acc2f2e2737164ab5d201f0
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eac7a367a222cac0fdadfe8c77aa6d74dee0583d8694b1a892bdfad99738112

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
23760
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6843
cf-request-id
08ac17dd67000010b5851f5000000001
server
cloudflare
etag
"b34ad200fd89eb0dfe586dc0581ed92045c65a01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tD8h7ibjxEjtWYjMdAVml35Xl0evlD1SAk3g2PJop%2Bh31MDNYj57kqyfg89%2BgekuXKnqPJJ16ij2kLQoG8rdZKGni8x2M0xc7mYxrJ4eTxXR2kNXJU%2Flcdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f090f10b5-CPH
expires
Sun, 07 Mar 2021 19:47:03 GMT
tom-basile-350_s85x119.jpg
twt-thumbs.washtimes.com/media/img/staff/2021/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/img/staff/2021/tom-basile-350_s85x119.jpg?aa9e42ea593811e08acc2f2e2737164ab5d201f0
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945e42dacd8d42114591a84d9bd3897d1e97abcb9fe92ad9510d0d0c82f6ae7f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
87205
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6195
cf-request-id
08ac17dd67000010b55826c000000001
server
cloudflare
etag
"515ec50b2340cfe5c37d21627d7124dad76d1007"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hQs3S0fHK6GCo3PKY7UQWZn1od4wjdyQ%2FGA1JflgIc9pGAyeHhpaRZALpzMIl%2BD0RlJbBipk77aSbb%2Bgsd36rNcfv8SNJ9iMJc%2BtGNKQ5tDZgbq0EkLme5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f091010b5-CPH
expires
Sun, 07 Mar 2021 02:09:37 GMT
michael-mckenna-nonstaffmug-v2_s85x119.jpg
twt-thumbs.washtimes.com/media/img/staff/2020/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/img/staff/2020/michael-mckenna-nonstaffmug-v2_s85x119.jpg?aa9e42ea593811e08acc2f2e2737164ab5d201f0
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c2cae5f5dd8f9ae93dbe8b19616bf2e2329c0c9f5f231e8cd3c4a6b31040f11

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
251980
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3378
cf-request-id
08ac17dd7f000010b57faff000000001
server
cloudflare
etag
"111c53db0b282fdf7fb5e8cf4d96b7097dfc7260"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yYhaezJaFakC6mED%2FywhZIYzH02q96L%2BPFBhJF1%2FQuRMEiMq%2FqN58AQ0YJKpBAw3foGuRyqFr7LxyCEQ7gZ4lS9H6VBCKdd2KJBLVaYuW5BRaK%2BSFjSQm4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f392910b5-CPH
expires
Fri, 05 Mar 2021 04:23:23 GMT
AP110919057742_c0-410-4896-3264_s885x516.jpg
twt-thumbs.washtimes.com/media/image/2021/03/04/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/03/04/AP110919057742_c0-410-4896-3264_s885x516.jpg?bc9c8850b95514b58ec0a2d1a1ce8f3697db551a
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ddf878806a24c9653c53f9e84a895827721e45e28ee1d6bb358e3013740bc8

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3688
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75410
cf-request-id
08ac17dd7f000010b553b4c000000001
server
cloudflare
etag
"c2d39ea5c54e3c95865023d682eb559792e9ac1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6sca4vEfiYVjWD4zyVLMY9i%2B%2B622R0VedIi3hvc2AyCD9%2FjAEd%2BV57SxjAs8yH4qimqCLXC2Pn4C3Y5PoX3mwGZyueMOosmltdx5mpNbWLszXwpgFaVbOJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f392a10b5-CPH
expires
Mon, 08 Mar 2021 01:21:35 GMT
sp_iyCBIB1C
launcher.spot.im/spot/ 		387 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_iyCBIB1C
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-49.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
d6cdfc87873355bc3ffa410e7958b079720180b145628d77cb8d1a4346827d7c

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
br
server
fasthttp
cache-control
max-age=600
content-type
application/javascript; charset=UTF-8
content-length
86168
expires
Sun, 07 Mar 2021 02:33:03 GMT
outbrain.js
widgets.outbrain.com/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d32e86b4f1852db0604ee6709371fb28f432cf45b2ce5f50781fb9efef681030

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
edge-cache-tag
widget-cheetah
cookie
CheetahStaging=true
x-traceid
f0cf631d97048843904c940bb8d73261
content-length
56862
last-modified
Wed, 03 Mar 2021 14:48:58 GMT
etag
W/"29cc4-MtstTurlHjhvHKPp4ABVmoSJpJM"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
timing-allow-origin
*, *
expires
Sun, 07 Mar 2021 06:23:03 GMT
Trump_Conservatives_74607.jpg-021d7_c705-0-3525-2820_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/28/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/28/Trump_Conservatives_74607.jpg-021d7_c705-0-3525-2820_s85x85.jpg?83731df939931521d3029ce7df9eda8df76f54f8
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac221ce0776ae4044927485d5d8b9df74f99c57593405cfc59c03306f50c4b97

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509073
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3205
cf-request-id
08ac17dd88000010b59a3f9000000001
server
cloudflare
etag
"d160476a8dd7449a42e4ca45f03311afccc861ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wieXza%2BoetKy998nQ6laVftJtlugUqMFz2e%2B5n4IYTgZeI%2BvNoZCzrnQ0mq9hc7gw1xLaYmRR0VbJ7niBvcheNg6FavP3ypi6Jt3zKiSSRvLGwUIiNALHjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f493210b5-CPH
expires
Tue, 02 Mar 2021 04:58:30 GMT
Virus_Outbreak_New_York_68522.jpg-21b3e_c1000-0-5000-4000_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/22/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/22/Virus_Outbreak_New_York_68522.jpg-21b3e_c1000-0-5000-4000_s85x85.jpg?ac8dcbaf8a21c7bbdf22623b8c7b2a02d6b9c700
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112c6256b2dfd5a651ed2ba1bb1f85f2fb66242ba600b609b45b2817f896c4c6

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509696
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3624
cf-request-id
08ac17dd96000010b58637c000000001
server
cloudflare
etag
"01f73f313d1f04869d7047802b2c81295faacb6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1WYgjn85vuJhT8qKFM2KN1YjN9FAdxTB9eti8kns54J7Vs0RoYy47s2C7KM2c%2FEC9pCAy7Im94n2z9G7hvjRax0%2BRVRZ2ZnBdklw4VlSlYbPUbWaykO1%2B54%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f593d10b5-CPH
expires
Tue, 02 Mar 2021 04:48:07 GMT
122_2014_americanflagpasspor8201_c240-0-1040-800_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2014/12/02/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2014/12/02/122_2014_americanflagpasspor8201_c240-0-1040-800_s85x85.jpg?268321b9ecf14b86741a7ec893e279a0e7482210
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc373a5fab34a58d708d77f8779f80ebe2143dffd125bcf53bd297db5454eb51

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
86383
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6203
cf-request-id
08ac17dda1000010b591b20000000001
server
cloudflare
etag
"624c18aa03ae7849a116bc298d5dcce463d38405"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QnwrtqLZkpzcdmFaze8BECS2JfRs2VsRGNVq7XZtAtxLa%2Bstru5hFBzlRvfmkzM2cKkFopoEANsfvR1v%2B04u%2F3o61Rrd4sVkHW1GTjBEL0UTR%2BSMIvf4DmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f694d10b5-CPH
expires
Sun, 07 Mar 2021 02:23:20 GMT
biden_51666_c670-0-4670-4000_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/01/28/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/01/28/biden_51666_c670-0-4670-4000_s85x85.jpg?987591c63674c5990e9ec5d84f71715e2ba871ce
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19271e99d56c4fd36f7ca8c2f0c4d590b430b23f4af702073b001ddf9f20e03f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
163926
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3046
cf-request-id
08ac17dda1000010b5a59bd000000001
server
cloudflare
etag
"1cc9bae2e45357ab2acd8654379fc4f1e0c92fc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FfZimyRSQDuoTil71tXLzmsA04IIupDI2TivwhmBofDzVYw3JQPsdIOprgiuUNu%2FWOyune8o1k%2FmOAhSq4A9w2FSI3j%2BdKEZGEvF2jQSDiPq5IMPMNPuGQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f695010b5-CPH
expires
Sat, 06 Mar 2021 04:50:57 GMT
Congress_Equality_Act_80755.jpg-520bb_c1015-0-4714-3699_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/25/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/25/Congress_Equality_Act_80755.jpg-520bb_c1015-0-4714-3699_s85x85.jpg?6069ab855a3a146467d99d8277bef785c71ddc29
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff8c8bc7cbc2f3bd4d0ae9a99d3b08256da8e4b70e4e56dd2712b0f7eb06f25

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
163926
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3247
cf-request-id
08ac17dda2000010b546297000000001
server
cloudflare
etag
"0ea61a93ea9def46d1b253c419ace508c5ac05c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LYO1Jf%2FEkW9zc2S21Dtis0vZo3hiK1bPR%2FbOKdCV4QHAjsJt3PAN6Pbq05e0%2FdtRQ20JY97cQU4KtCOFYE%2FEEnbCFqOM0Ubj9i5ikcLCSbfQCmn70YHjLJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f695110b5-CPH
expires
Sat, 06 Mar 2021 04:50:57 GMT
RugerGP100_c95-0-795-700_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2018/08/29/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2018/08/29/RugerGP100_c95-0-795-700_s85x85.jpg?008991fbc80277c956e61b306f532e6d772a89cb
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a00fb7dba7339890bceec9ab12e82dfee541278cc6c2646ea2ca24516473f0ba

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509073
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1900
cf-request-id
08ac17ddb1000010b516268000000001
server
cloudflare
etag
"5fed83ca8bcd2fa58c65a730a96f39873f775c39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I%2FG%2BPsoUZHwjXfQKVDhcbfNnml3WjGTQ%2FK1jAWQx9ShfDVzsqGawvL8lzkHsna37aObLWlunqXXiWiYv9xvVEQPJDJfyPnurMrY9DJoXGBDs%2BokMmxGuY8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f896410b5-CPH
expires
Tue, 02 Mar 2021 04:58:30 GMT
virus_outbreak_new_hampshire_vaccine_73297_c1032-0-3610-2578_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/25/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/25/virus_outbreak_new_hampshire_vaccine_73297_c1032-0-3610-2578_s85x85.jpg?9d7ac6109fccd1cc02681bf65170182855bd80c9
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a55bd9ca1e977582117c94589335b0e042272464781c9f610e244703aacb92

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509073
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2407
cf-request-id
08ac17ddba000010b52424f000000001
server
cloudflare
etag
"9684f7b09df7f0889f48873e616677eaf1712b07"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M6U8Ac3UfVXFzDNF8NRTdrPwh1PGzQLGuD6mvctx%2FX4C3dwHxUfJQ%2BSzs1GiLX1nUY8jZTd78OD5fXB5ZjuT%2BemIMQdynm75TcyGcyUSka%2FRoSKulADgxiE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f897010b5-CPH
expires
Tue, 02 Mar 2021 04:58:30 GMT
Congress_60408.jpg-27db3_c722-0-4014-3292_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2018/07/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2018/07/09/Congress_60408.jpg-27db3_c722-0-4014-3292_s85x85.jpg?9acbcd935998e2341b00107cc4d1b92c85735a61
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908830394e9c2c646a90edf75bbd0709f6c73efaed2361cef692f90e07e6dca8

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
251248
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2807
cf-request-id
08ac17ddba000010b595080000000001
server
cloudflare
etag
"5c698ca4dc6c159e4cbeddfeb60ad8292a25e183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bAFqDu34k4ONXVuDrUNuEN0fBvrtCcNl8Tt81vbmFVmb0a6k1MbcM%2BFLDfXEOZYfWkt4%2BnD2i1uEQvKYsrekMRp3XjzUggHUZHLSgIMAgpJotCI6htR2TAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0f997110b5-CPH
expires
Fri, 05 Mar 2021 04:35:35 GMT
200608-imgpsh_fullsize_anim-85.jpg
media.washtimes.com/media/image/2020/06/08/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.washtimes.com/media/image/2020/06/08/200608-imgpsh_fullsize_anim-85.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970eb8d95b86d1c5e93b2f421bc1b43c789f3aca4a737bbccc0b1330dd382df9

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73939
cf-ray
62c05c0f997310b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15736
x-amz-id-2
FgBmo3vl0ye8OXMlRXkVvAJg24ZdtkP/KG7uc/MwL925Oy/x4BW0sXRIm2hssKYNypXI0LrCll8=
last-modified
Mon, 08 Jun 2020 19:22:26 GMT
server
cloudflare
etag
"9b63460baaeeb96a449da6bd1e0af4b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vzf5zqZASg9EaHqKOad3tNxeEcGOwsMJ4ETjsSWYaayvnlJvsJcF3M8JHK8DwZHo6DyVNHre9JgxPh2%2FZwSXGB8V1hzASGkvZ%2FhTWPxfV6dbh7vC"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
4254FC36EF5AB5DF
cache-control
max-age=691200
cf-request-id
08ac17ddbc000010b58bb8c000000001
accept-ranges
bytes
content-type
image/jpeg
2_282021_beltway-biden-991638202_c333-0-1666-1333_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/28/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/28/2_282021_beltway-biden-991638202_c333-0-1666-1333_s85x85.jpg?41dad3bcc1b88774035dd0a8b3f0f1e7db50f62b
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c665bdb722ac70e8686c080dc2a3814b5ae3cedaa1ad83cc705860f873b5ab5

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509696
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5436
cf-request-id
08ac17ddc9000010b565a52000000001
server
cloudflare
etag
"f876a4d9124f6aa1a0d64ca7efcb6af20e69a7b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jN5VYVqnfZ8fdVrBa0Dln3Ax2R0196uL9v4OvdP9buxa1z6V2f8CAXfM6RncsexJdL2GZGmgYYnWVGnpG4WzxxxD9GSb8P5z2gtTklts0pJuQ3jZb%2B3TN1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0fa97e10b5-CPH
expires
Tue, 02 Mar 2021 04:48:07 GMT
US_Saudi_Arabia_51241.jpg-c04c4_c554-0-2770-2216_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/25/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/25/US_Saudi_Arabia_51241.jpg-c04c4_c554-0-2770-2216_s85x85.jpg?943ace056a04060dea76fe00faee2ba498805381
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1a092576775e6261ff8c6985f1fc8a5cf64b641cabc822ffdf9f994e672cd3

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3313
cf-request-id
08ac17ddd2000010b538b07000000001
server
cloudflare
etag
"2b9fe354bfc8e5944fb81b0e38bfe0eb0579d3dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nysIq%2F3dae71M235c%2FaUdc7f%2FxXLSGwYXechFXkwXZz93q%2FE1W75CqnCiCBWrGPcPQ7AHWNDV%2BqgqOOogh3IBzyYgZtLuPYTZkixIjF3naDMVjvvW17QSUg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0fb98910b5-CPH
expires
Tue, 02 Mar 2021 04:58:31 GMT
80sOneHitWondersFinal-900_c188-0-712-524_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2020/02/20/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2020/02/20/80sOneHitWondersFinal-900_c188-0-712-524_s85x85.jpg?b0254c8db5ed38f9c35532203153253ce3304a2e
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aadbfb6f8142869dbb048b379962129238cd05ce266dcdde26ea1b8d9bb58d2

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3564
cf-request-id
08ac17ddd2000010b553b4e000000001
server
cloudflare
etag
"eac9b5bc9d6aa10103eab218d67d2cf4bb5e8443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hi5bvG2fwx6%2FFbX16PBTFnWA9Z3RUB3QGxapDxQPEcerK%2BnXnk0XfRYhtYz%2BOk4j9zXRxu%2BR63HkZtp8EttF9mLYGiliyGFts%2BxJ8aD%2FMzThWu18gbFq%2FNc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0fb98a10b5-CPH
expires
Tue, 02 Mar 2021 04:58:31 GMT
tv-maher-yiannopoulos_80634_c457-0-2457-2000_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2017/02/15/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2017/02/15/tv-maher-yiannopoulos_80634_c457-0-2457-2000_s85x85.jpg?6773c5d85e93f6d0a1d60eefed79515d910e22c1
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3908e2584911e13c708b067f61a01df39fb3b96cbced9f89050f3b3f3c0706f4

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
11951
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2772
cf-request-id
08ac17ddd4000010b5a12dc000000001
server
cloudflare
etag
"867079f7cc71d3049572eef6ecb5be97d40d0a6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4NUS%2BZTvJQ0jAZmytROjLfk1IFP2R1ecADcMxLN0CPUfDfDWazTfv02cUU6be%2BhtsDPRuaIQDQlOPJoNwLHvtkLdsMT51i7S4xG1y1g8FwX66iCFtmOFX8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0fb98c10b5-CPH
expires
Sun, 07 Mar 2021 23:03:52 GMT
Election_2020_RNC_25453.jpg-783bf_c1150-0-4861-3711_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2020/08/26/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2020/08/26/Election_2020_RNC_25453.jpg-783bf_c1150-0-4861-3711_s85x85.jpg?a859ed4e61927aaffaf11607a2fb3998b4559bc4
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9edd6a4a0299f37bbdb10f2702507d837c75cd6c582193c4b6f01b3007d76321

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3136
cf-request-id
08ac17dde1000010b51788b000000001
server
cloudflare
etag
"87f1faf45276c9e3432ff0739aa83919e81d8c27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MQaML8x4psnrVONlduEwcrH43%2B%2BN17our0f4bNtgAbTJcceflnHTnhLLQsxmFZeaM4lGP%2BEmPOqUmhn8KdKbeFbpGMrEXUQ%2BHPw%2FzEy%2FCLGyh%2FT%2BlwfZTCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0fc99710b5-CPH
expires
Tue, 02 Mar 2021 04:58:31 GMT
AP_5801010470_c64-0-764-700_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2019/08/30/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2019/08/30/AP_5801010470_c64-0-764-700_s85x85.jpg?907e0fa93bafaf6a1dc38540b0cfea21e9ff37f3
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1094f6eb88f12bf3a4d1292d28115e20c44ac684af936d8ae4cb02839bd3e63d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3113
cf-request-id
08ac17ddee000010b588955000000001
server
cloudflare
etag
"d9f883e1ec7d4e004c454f41e525209b6973ec4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zzmLOzPAzNHinGeVQzdce2ur1qlV0y3IMrVDdrggoXq22tw7TJ%2Fbq5h4aWq49KJmGV%2FX5Af4lRuS0C9ej%2F6XzY8TW%2BaJX1ARkiX%2BnP%2BC%2FGfzSAc%2BGiLIRz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0fe9a610b5-CPH
expires
Tue, 02 Mar 2021 04:58:31 GMT
Biden_Cabinet_17402.jpg-6cfb3_c674-0-3955-3281_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2021/02/25/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2021/02/25/Biden_Cabinet_17402.jpg-6cfb3_c674-0-3955-3281_s85x85.jpg?45cc1bf915f191a88cec1771ca700168f20d8622
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00517eb0b8cc4acef8d59e3b3ab0decfa0a2ca10c92b235edfa6e55dc5549667

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
598598
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3500
cf-request-id
08ac17ddee000010b59e1aa000000001
server
cloudflare
etag
"d16c62e8880d76553a6deb70df751774cb3705bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hhY69yQ0sxjXjVTuc76lsv26BLyNG2mN%2FM8AofX4D7mofdDazzoryxUsQrf1YV01zgffYJ3x57jaeULOmQTj1Et%2BOWNPcRmxHxBfPJs28XLJ4%2FR2oQstCJs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0fe9a710b5-CPH
expires
Mon, 01 Mar 2021 04:06:25 GMT
new_laws_maryland_75348_c1014-0-4249-3235_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2019/06/30/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2019/06/30/new_laws_maryland_75348_c1014-0-4249-3235_s85x85.jpg?bd909c8c6ff33fb47d90507db644196e359580ce
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0865e09ce4a5b654d5d77e9f7af4b80223feb97b226160e98899b24d3ee86080

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3699
cf-request-id
08ac17ddee000010b54da6f000000001
server
cloudflare
etag
"003d54daba82c1715bfc2afd5168e522cbbbd007"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sR3sin3WgtKEVOVjIT8OxhkTxsjhJOvegh48Ty3Nr4XxHDGB6uqbogL1QeamEEQX2mdU1oWZYU3m0aZSqFXHN%2BOdZf3QCRz2AKAk5pdm0%2B3%2FUL7KEQcqRp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c0fe9a810b5-CPH
expires
Tue, 02 Mar 2021 04:58:31 GMT
1970sMovieQuotes-900_c188-0-712-524_s85x85.jpg
twt-thumbs.washtimes.com/media/image/2019/06/13/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-thumbs.washtimes.com/media/image/2019/06/13/1970sMovieQuotes-900_c188-0-712-524_s85x85.jpg?b0254c8db5ed38f9c35532203153253ce3304a2e
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
576d24f840d9c3e2ba5189c77d22032b8fc5109a96072b7bc98c0b74ed4d86a4

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2649
cf-request-id
08ac17de01000010b57fb01000000001
server
cloudflare
etag
"220ac7f988b73a2f9789dc32de50518256631394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AtMvv7gj8UdQ10L1GXWgFpGlWLAIi17WNavybts5Y7%2FzY7yydrR3tsIeXvLl%2FMftTCmCikedkX56UbA2nL4yrgFA5NwyMQCSKgnm7%2FZHJ5EiQ0Vuo%2BZZbcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
62c05c1009b610b5-CPH
expires
Tue, 02 Mar 2021 04:58:31 GMT
global.ef0920d983d9.js
twt-assets.washtimes.com/js/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twt-assets.washtimes.com/js/global.ef0920d983d9.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adc9f90e80220607fed2a365ee3adf27f172a0a3f1b6de5c398fbcf3b0df43de

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web3
age
2513427
content-type
application/javascript
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dcee000010b5a59b8000000001
last-modified
Tue, 26 Jan 2021 17:56:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GvW472UUiXohF56jTG98bCdJWe1s7M5MITsE3LXpMZHFKBUM%2FliwYU3hib79Lb%2BzGuSdjxfERRg7zUsBim9qWgmmMVV6kFJpWrjd1LBKsKa6Fcz5sFS9Y%2BA%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
1323977
cache-control
max-age=29022573
cf-ray
62c05c0e489210b5-CPH
expires
Sun, 06 Feb 2022 00:12:36 GMT
InArticleAds.02cee3a032a9.js
twt-assets.washtimes.com/v4/js/ads/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twt-assets.washtimes.com/v4/js/ads/InArticleAds.02cee3a032a9.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2fcfdaf09d42c2c7dbf1340ed918a86c0b6abd91a10fb5c99785782b7c2d51

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/6.0)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web03
age
251249
content-type
application/javascript
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dd2c000010b553b49000000001
last-modified
Thu, 18 Feb 2021 00:17:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E9L3hrKyIYVjcwynwdy5A0MlOR5wny%2FxmdIhnAiCozcM1hWt9eGcwWlPNOkzP4p%2B1h3ym3xJfAMmNPo%2Fw1YSdtVGMd63PMWD9%2BTu3jw7WrZ6HesFCnYarVE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
54013580
cache-control
max-age=31284751
cf-ray
62c05c0ea8cd10b5-CPH
expires
Fri, 04 Mar 2022 04:35:34 GMT
connectV5.js
s.newsmaxfeednetwork.com/static/js/ 		73 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.newsmaxfeednetwork.com/static/js/connectV5.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.45.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-45-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
a56eeaf10b740315ef66b7b210fa58919956cd30d727166a0fdecce16f58c211

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
etag
W/"12342-17653ace728"
last-modified
Fri, 11 Dec 2020 21:20:09 GMT
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
74562
85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
scripts.webcontentassessor.com/scripts/ 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21bebc728ff3a8ec7568d27c924d5552f15b5f9975e37c7d12c5602c19ffa7b7

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
age
681
x-cache
HIT
content-length
31327
x-amz-id-2
yLrqJysD3qucJjOG4nEgpgAb1O43LsNKBa6bzYBMJNP1dqzrRR2OfKCebhv0a+7S3jOFq1lUNaU=
x-served-by
cache-fra19127-FRA
last-modified
Sun, 07 Mar 2021 02:05:28 GMT
server
AmazonS3
x-timer
S1615083784.536991,VS0,VE1
etag
"bd50ccf824ad5c5989bf0b7a3e7b94ce"
vary
Accept-Encoding
x-amz-request-id
JX4JK197KTPYC57R
via
1.1 varnish
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:20:18 GMT
content-encoding
gzip
server
Server
age
164
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id
FZjeMsA6ljX06CRSA0Ifml159h2q0NcDFsu8rYXL8SzZQZ49HnowiA==
tablet.d12a55c63ff0.css
twt-assets.washtimes.com/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twt-assets.washtimes.com/css/tablet.d12a55c63ff0.css
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4b2f6b3fc3777c64a4929b22668b2663fca41f9d664b113494d10db5ea18ca

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web4
age
9702110
content-type
text/css
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17dd2d000010b51d293000000001
last-modified
Wed, 04 Nov 2020 01:45:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8gU7xvRwBsEuz3jjRDm8GBvup9oXaWCpwjhfxafE1TWid8You%2B5NdiRY%2FHAUQgOc6M%2Bd9mNRY5U2BepCdHTB8Fy7BJaf%2B2vH6qg%2BxAL%2FE7Cv88F%2FLZck5HU%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
36833917
cache-control
max-age=21833890
cf-ray
62c05c0ea8d410b5-CPH
expires
Sun, 14 Nov 2021 19:21:13 GMT
connatix.playspace.dc.js
cds.connatix.com/p/106673/ Frame C2D3
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/106673/connatix.playspace.dc.js
1 MB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/106673/connatix.playspace.dc.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9636f762c3a9b90d0a06756c6db9c9e8c28d3dc081bed0d20fffd4d7389aab1a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.cQyGfi08LaOX32LHJqLPnaFqrtSZncu
via
1.1 varnish, 1.1 varnish
etag
"12ba5f634628e2af2ae66676b666782b"
age
117303
x-cache
HIT, HIT
x-amz-replication-status
FAILED
content-encoding
br
content-length
225188
x-served-by
cache-dca17729-DCA, cache-cph20620-CPH
last-modified
Fri, 05 Mar 2021 17:11:06 GMT
x-timer
S1615083784.620059,VS0,VE0
date
Sun, 07 Mar 2021 02:23:03 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 4418

Redirect headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-cph20620-CPH
x-cache
HIT
location
https://cds.connatix.com/p/106673/connatix.playspace.dc.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1615083784.500927,VS0,VE1
content-length
0
retry-after
0
x-cache-hits
0
connatix.player.dc.js
cds.connatix.com/p/106673/ Frame A793
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/106673/connatix.player.dc.js
958 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/106673/connatix.player.dc.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d78ffe3c0f103ad744558af98b37552426a7175313fef73e0affa709213f0ec

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2fJgeInbGLPLTuMlBAo929qQsw_gA5tP
via
1.1 varnish, 1.1 varnish
etag
"ab182b59dee603b7418d390d3b1f34d2"
age
117303
x-cache
HIT, HIT
x-amz-replication-status
FAILED
content-encoding
br
content-length
213503
x-served-by
cache-dca17777-DCA, cache-cph20620-CPH
last-modified
Fri, 05 Mar 2021 17:11:06 GMT
x-timer
S1615083784.620024,VS0,VE0
date
Sun, 07 Mar 2021 02:23:03 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 618

Redirect headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-cph20620-CPH
x-cache
HIT
location
https://cds.connatix.com/p/106673/connatix.player.dc.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1615083784.500999,VS0,VE1
content-length
0
retry-after
0
x-cache-hits
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e789db33efc14c107f45aa793f7458da901c9a0184e128ea48fcbd4575d73b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
LfpAmkU1tWNSn88GyxdxlA==
cross-origin-resource-policy
cross-origin
expires
Sun, 07 Mar 2021 02:39:12 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
dyAZdy90AM1vGCMF/ODRC7deTQoD5HSm5LG7BlLmMp0FZoSPORSc4T8GfGyIGUq9mapI4dl8lmfzl0nwgod89g==
x-fb-trip-id
1425083115
x-fb-content-md5
bdad746bc28f85298e6d915108138d64
date
Sun, 07 Mar 2021 02:23:03 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"cf504413ab33fa51109569da1f4f2e4b"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6386
content-type
application/javascript
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
A27C212E2231D899
x-amz-id-2
1cd2S2WOvb8G1v6HhOOni90/eIlZtIGi7dwRoYQbHPFhDHUXZRY7neebruxV0Y4+WgfDzXsJLfY=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nSKDcOvqUaf2RklRAGo3PQqQVBiAfL8XCd%2FmaO%2F3wESFpdDrOTCMb270D%2FTa7oQK9t1fHuaCNE4My2s0xRZRw3f0YVA9W4R3FNjBOV1cbYVY4PFCtdXrnn0UPO4%3D"}]}
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cache-control
max-age=28800
cf-request-id
08ac17de1e00004e74148a9000000001
cf-ray
62c05c102b7b4e74-FRA
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Montserrat:400,700|Signika:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.washingtontimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
221192
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:31 GMT
mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Montserrat:400,700|Signika:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.washingtontimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 10:24:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:37 GMT
server
sffe
age
57515
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13780
x-xss-protection
0
expires
Sun, 06 Mar 2022 10:24:28 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Montserrat:400,700|Signika:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.washingtontimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
461251
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:15:32 GMT
vEFR2_JTCgwQ5ejvG1EmBg.woff2
fonts.gstatic.com/s/signika/v12/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/signika/v12/vEFR2_JTCgwQ5ejvG1EmBg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Montserrat:400,700|Signika:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74454812806f5125d2ec8cbab938caf3732596c18021ab5efc0cb0b5f18b80ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.washingtontimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:23:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 21:59:43 GMT
server
sffe
age
385201
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56552
x-xss-protection
0
expires
Wed, 02 Mar 2022 15:23:02 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Montserrat:400,700|Signika:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.washingtontimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 10:28:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
57266
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Sun, 06 Mar 2022 10:28:37 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Montserrat:400,700|Signika:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.washingtontimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
196898
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
1419779
html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/ Frame 7694
Redirect Chain
  • https://html5-player.libsyn.com/embed/destination/id/1419779/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/
  • https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
50 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.16.246.215 , United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software
Apache /
Resource Hash
63310e02bd70ef872c1d6a52c60efab8319830fb9368c1c7e3ef5882173758a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

:method
GET
:authority
html5-player.libsyn.com
:scheme
https
:path
/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
server
Apache
cache-control
max-age=3600
expires
Sun, 07 Mar 2021 03:23:04 GMT
vary
Accept-Encoding
content-encoding
gzip
x-libsyn-host
web-player3.libsyn.com
accept-ranges
bytes
access-control-allow-origin
*
x-xss-protection
1;mode=block
x-content-type-options
nosniff
content-length
12084
content-type
text/html; charset=UTF-8

Redirect headers

date
Sun, 07 Mar 2021 02:23:03 GMT
server
Apache
location
/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
cache-control
max-age=3600
expires
Sun, 07 Mar 2021 03:23:03 GMT
vary
Accept-Encoding
content-encoding
gzip
x-libsyn-host
web-player2.libsyn.com
accept-ranges
bytes
access-control-allow-origin
*
x-xss-protection
1;mode=block
x-content-type-options
nosniff
content-length
20
content-type
text/html; charset=UTF-8
mail-alerts.7c5da2b8.ca697cc04fdf.png
twt-assets.washtimes.com/ 		736 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-assets.washtimes.com/mail-alerts.7c5da2b8.ca697cc04fdf.png
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/css/global.038576814fc3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5296c652e467dc0870ac989e3cd2263e2352d90e6c7a30ab4ba0f56cebf85310

Request headers

Referer
https://twt-assets.washtimes.com/css/global.038576814fc3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/6.0)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web02
age
251980
cf-ray
62c05c0fe9a910b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
736
cf-request-id
08ac17ddef000010b557201000000001
last-modified
Thu, 18 Feb 2021 00:17:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Suc%2FDG4D%2FWHU%2B5MH5V15DOm1DNMzQPbngZf5E%2FrSBcN5T7smNqzZc6Bt0ONHD3CFqvK%2FF0FBR1ypFGaJSLnP8Z%2FmlJYDHG6PI%2FwAhv%2BpAMMjRXqII335bw8%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
13650032
cache-control
max-age=31284019
accept-ranges
bytes
content-type
image/png
expires
Fri, 04 Mar 2022 04:23:22 GMT
/
innerskinresearch.com/eu/
Redirect Chain
  • https://api.innerskinresearch.com/alternAdImpression?id=id0&path=%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&date=3%2F7%2F2021
  • https://innerskinresearch.com/eu/
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://innerskinresearch.com/eu/
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1337 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 07 Mar 2021 02:23:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://innerskinresearch.com/eu/
cf-ray
62c05c104d2d4a5b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
08ac17de2d00004a5b9e0ff000000001
bluesleeve.jpg
touchcr-web-assets.s3-us-west-1.amazonaws.com/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://touchcr-web-assets.s3-us-west-1.amazonaws.com/img/bluesleeve.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.116.113 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9cd881ace5bdbe410803fd5c8925bcc356103f50558d1ef84d0396c76c1f5f29

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:05 GMT
Last-Modified
Mon, 21 Dec 2020 20:41:55 GMT
Server
AmazonS3
x-amz-request-id
B06C0AF8551C3E9B
ETag
"27972da40c43aa2b782e6d98d8744ee8"
Content-Type
image/jpeg
x-amz-version-id
lCjqpdq2S3hYTtrNEmcx0T9X_hsgYNyx
Accept-Ranges
bytes
Content-Length
2363
x-amz-id-2
YoqwQwwCtk568Toc2wQToe6pu2RAm8ug0fUE1ejLju0LyJGTTf7iAtL5qQi0cQ+exM4WTVfsnC0=
pubads_impl_2021030201.js
securepubads.g.doubleclick.net/gpt/ 		282 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 09:37:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101677
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:03 GMT
main.js
m9m6e2w5.stackpathcdn.com/v2/2b481ec2/ 		151 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/2b481ec2/main.js
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
53fe6f4752b740bdb672721a52867a44cf638ebc34ca227a7e8a01e4f1157497

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 15:41:40 GMT
server
nginx
x-amz-request-id
12SWBR522QXFF6HM
etag
"3c5d1f1196cd828ac7786014fa753b55"
x-hw
1615083783.cds068.sk1.hn,1615083783.cds216.sk1.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
44552
x-amz-id-2
jr5qy9DujxTY23KglD80d1LHUVmMSel3JrlSWtXCfxLjaZRhXryfLF2BO2zK/G8r2r/VEAELnEs=
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://www.washingtontimes.com
Referer
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
vary
Accept-Encoding
cf-cache-status
HIT
cdn-edgestorageid
565, 718
age
218344
cdn-cachedat
2021-03-04 14:40:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44432
cf-request-id
08ac17de350000d70d1d082000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ffb47ede29b1d604f001bab7828113cc
accept-ranges
bytes
cf-ray
62c05c105f37d70d-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
1b4cd6dea80b282c132df03b8b3fd9ac.json
www.shareaholic.net/config/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shareaholic.net/config/1b4cd6dea80b282c132df03b8b3fd9ac.json
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-100-94.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4d9f3dc6a67dea386a5982b327c737e5e34fff166147bbb7f308013ca2884722

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo-country
DK,Denmark
date
Sat, 06 Mar 2021 22:40:55 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
content-length
1032
server
nginx
x-client-geo-region
84,Capital Region
x-client-geo-metrocode
etag
W/"4d9f3dc6a67dea386a5982b327c737e5"
access-control-max-age
2000
x-client-geo-city
Copenhagen
x-varnish
931694110 928383401
via
1.1 varnish (Varnish/6.0)
access-control-expose-headers
Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control
max-age=3, public, must-revalidate
x-client-geo-zip
2750
accept-ranges
bytes
content-type
application/json
access-control-allow-headers
*
x-client-geo-latlong
55.732700,12.365600
bat.js
bat.bing.com/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref
Ref A: 53CC28089BE34BFB92BE332E0DE61DA3 Ref B: FRAEDGE1219 Ref C: 2021-03-07T02:23:03Z
etag
"804e75f6fd11d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8562
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
5514
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1615083784.827679,VS0,VE0
x-served-by
cache-hhn11521-HHN
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2459
etag
W/"29e3b92597e716694def18b1f85abbfb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
62c05c108a194d84-FRA
cf-request-id
08ac17de5300004d847b820000000001
expires
Sun, 07 Mar 2021 03:23:03 GMT
core.js
s.pinimg.com/ct/ 		1 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"7dfd742fa9951f09da578c3e4cfc7d96"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
x-fallback
3a88bb53-2.16.186.237
accept-ranges
bytes
content-length
583
access-control-expose-headers
X-CDN
a-01en.min.js
b-code.liadm.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01en.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
344ca9bc7c87d50030fbf517311b9a9e6def112ddebafdf4eef2803c351ba2cb

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 14:36:20 GMT
etag
"b956712636fb55b45b455b3e10c50f1b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1219
accept-ranges
bytes
content-length
9830
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
5LUdZh8nFd2vSIaYfn6Ajfea1S6x4VeXMNa93gGMdy9Y8N0z69kt+iam84itGHcOGuiFTE5E+QyXgY2EVfX+Cw==
x-fb-trip-id
1425083115
x-frame-options
DENY
date
Sun, 07 Mar 2021 02:23:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
load.js
s.ntv.io/serve/ 		348 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b4ab0c9d469f5fc9747b8f7433e38ebcc71a9bde85103b9ed30606d37bdbc112

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:03 GMT
Content-Encoding
gzip
x-amz-request-id
656FA0C7177A7760
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
+0nPNwjO5Kp81B3CgcCUcpBDMTJJonPJfy5ffXrS00eBzK5YEz06idMVQO/ejMkTCSdxlTpodtk=
Last-Modified
Fri, 05 Feb 2021 18:53:22 GMT
Server
AmazonS3
ETag
"f26986557d331d9bccef002058601094"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
57uy93qrq0
www.clarity.ms/tag/ 		444 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/57uy93qrq0
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
acf6640e824da848b632657670475a1855a1c5e4850f7cf1d1381a3e9cada575

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:02 GMT
content-encoding
gzip
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, no-store
x-azure-ref
0BzlEYAAAAAD2lBcCCPe1RJKtqEZnXDR6RlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
content-length
448
expires
-1
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
1227
date
Sun, 07 Mar 2021 02:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sun, 07 Mar 2021 04:02:36 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=17692074&ns__t=1615083783738&ns_c=UTF-8&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17692074&ns__t=1615083783738&ns_c=UTF-8&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Time...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=17692074&ns__t=1615083783738&ns_c=UTF-8&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&c9=&cs_ak_ss=1
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=17692074&ns__t=1615083783738&ns_c=UTF-8&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:03 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
arrow-zoom.1153a883.7d9b5d6db57a.png
twt-assets.washtimes.com/ 		273 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twt-assets.washtimes.com/arrow-zoom.1153a883.7d9b5d6db57a.png
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/css/global.038576814fc3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d987b96e4134841680fe5ede6e7ca73c5e4cc58fcf618be8571872aa9b6a26eb

Request headers

Referer
https://twt-assets.washtimes.com/css/global.038576814fc3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
via
1.1 varnish (Varnish/5.2)
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
x-backend
web5
age
7927642
cf-ray
62c05c10ca2610b5-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
273
cf-request-id
08ac17de81000010b518262000000001
last-modified
Tue, 03 Nov 2020 21:44:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AOkiwmwLq3Oc5MdS509srKXF6TuO8WcGbjdcd%2FSVic4jEihd1QU9y0pE2GhKYaMnXVd%2F3KRkcXSDTljiyLNBp9k6z26KMlH25ul2MZAU3n3Yyi%2FF%2BriRyKc%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
19136830
cache-control
max-age=23608358
accept-ranges
bytes
content-type
image/png
expires
Sun, 05 Dec 2021 08:15:41 GMT
connatix.playspace.css
cds.connatix.com/p/106673/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/106673/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yL080GS662P75kDiCkDpJni_lFO4eIHj
via
1.1 varnish, 1.1 varnish
etag
"a2e4815b59a14d0ee11b3bde797ef7e0"
age
117304
x-cache
HIT, HIT
x-amz-replication-status
FAILED
content-encoding
br
content-length
14290
x-served-by
cache-dca17776-DCA, cache-cph20620-CPH
last-modified
Fri, 05 Mar 2021 17:11:06 GMT
x-timer
S1615083784.830463,VS0,VE0
date
Sun, 07 Mar 2021 02:23:03 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 3944
sdk.js
connect.facebook.net/en_US/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1bd70e78675a793519f9f08feb569fb7&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a012af949296922ae8041d0d91142a27eaea52ce930963078f3811171dc400a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.washingtontimes.com
Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
87UAFiJfMyhIgiXTXl18rw==
cross-origin-resource-policy
cross-origin
expires
Mon, 07 Mar 2022 01:04:10 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60546
x-fb-rlafr
0
x-fb-debug
p4yR/Red+4rGxNjPpqx6CNDG9+ujBi0fXafpdbfKe1Z/0hm2JZHsKkv2LVxzN/ZzX6q/LgmACv55fF8XwA9VHg==
x-fb-trip-id
1425083115
x-fb-content-md5
9d7da2e3578f57b9ba1863aeb47b2c6b
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 07 Mar 2021 02:23:03 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag
"2277a5079e026ea7a4452be70268baf1"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_iyCBIB1C/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_iyCBIB1C/v2?platform=Desktop
Protocol
H2
Server
2.16.186.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-114.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Origin
https://www.washingtontimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id
access-control-expose-headers
access-control-max-age
86400
date
Sun, 07 Mar 2021 02:23:04 GMT
events
direct-events-collector.spot.im/api/v2/ 		0
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_iyCBIB1C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.150.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-150-11.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.washingtontimes.com
date
Sun, 07 Mar 2021 02:23:04 GMT
access-control-allow-credentials
true
server
fasthttp
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_iyCBIB1C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA2-C1
content-length
20
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-amz-cf-id
8FMjcPRIO2PmQ_Ng6QbHXWvjXSXu6sXYGRmPnb8d02JqpwEwN9tZoQ==
expires
Tue, 08 Mar 2022 02:23:04 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_iyCBIB1C/ 		39 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_iyCBIB1C/v2?platform=Desktop
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_iyCBIB1C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-114.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
57f105b6ad16722034adb0abcfaa7d75fa3c040b95ebfeb51f52e4bccdd0b687

Request headers

x-spot-id
sp_iyCBIB1C
x-spotim-page-view-id
0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86
x-guid
null
Referer
https://www.washingtontimes.com/
x-post-id
story_2536785
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.washingtontimes.com
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id
content-length
3247
x-request-id
0cb7bb4a-7eec-11eb-94d1-4ef5ccc7a896
access-control-expose-headers
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_iyCBIB1C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA2-C1
content-length
20
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-amz-cf-id
8FMjcPRIO2PmQ_Ng6QbHXWvjXSXu6sXYGRmPnb8d02JqpwEwN9tZoQ==
expires
Tue, 08 Mar 2022 02:23:04 GMT
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7DB9 		416 B
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1614783559.5167"
last-modified
Wed, 03 Mar 2021 14:48:18 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Sun, 07 Mar 2021 02:23:03 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1615083783~rv=92~id=e54d6210c82047137f094a0c64e95371; path=/; Expires=Sun, 07 Mar 2021 02:23:03 GMT; Secure; SameSite=None
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=7.086755653353603
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Tue, 06 Apr 2021 02:23:03 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1615083783973&sessionId=49695c7c-3266-ad9b-fc9c-f20b81d664f7&url=www.washingtontimes.com&cheqSource=1&cheqEvent=0&exitReason=100
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
2d170cea934995eb2e626a060e63f0b3
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&idx=0&rand=34120&key=NANOWDGT01&widgetJSId=AR_10&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=187&py=4498&vpd=3298&settings=true&recs=true&version=2000238&sig=acJNMv0w&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
956e494dc077beeb3220e5038ce0b3391a37b4247252f2310737f917382972f8

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.23
x-cache-hits
0, 0
x-traceid
4716825a9185acc8de032ea3262362bb
content-encoding
gzip
content-length
8510
x-served-by
cache-lga21923-LGA, cache-fra19151-FRA
x-timer
S1615083784.054096,VS0,VE234
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
329974197684672
connect.facebook.net/signals/config/ 		241 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/329974197684672?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3133ab1ade9bb8f8697a83b3e8fdf82a4b95f23d77fc5ed63832c53ed3196a4f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
dXP/3Ydw5L9kSxG5RdClgJ+5eLg6lXrbwDEqihnGUAvP6fv2C3V9JE8WDikOooQDr1nKIjF/iWNct/h1abkf/w==
x-fb-trip-id
1425083115
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 07 Mar 2021 02:23:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
delivery.js
assets.newsmaxwidget.com/master/ 		320 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.newsmaxwidget.com/master/delivery.js
Requested by
Host: static.newsmaxfeednetwork.com
URL: https://static.newsmaxfeednetwork.com/web-clients/bootloaders/Yb3HQw3wsNGDTDRBD3YMi5/bootloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bc92fd2fcf02ab23bf434d20248d29690b562b406e32cb0888a440774d16fd8

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 22:01:44 GMT
server
AmazonS3
x-amz-request-id
G26CG3003EEJXJWV
etag
"920820ccb3600c75c59354aece75e703"
x-hw
1615083784.cds001.sk1.hn,1615083784.cds049.sk1.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
88095
x-amz-id-2
OxjRCdABamM29vOL3JNyhIKkE/SMuVmT7pkTNBKovNKfVK69LdU7EAOYQbcndDE13kPobRcDoHo=
generic
trends.newsmaxwidget.com/event/ 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.newsmaxwidget.com/event/generic?t=e0BexIGnHI9%2BpNjG49wkYEyVM4y3BQNxwkTNY7a7dgvvBvz6%2FYgrimsvlkxxk7S%2BA%2FaojW3WOF3%2FGbHkr3qzjPKHxbgzvCAowRUaLS4dKWY%3D&e=adapty&s[ref]=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&s[hash]=Yb3HQw3wsNGDTDRBD3YMi5
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Mar 2021 02:23:04 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
story
capi.connatix.com/core/ Frame C2D3 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=106673
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.204.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-204-105.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
50f53a5d13fec64fcf90dc5633bd63aaa24c496bd03d096d63feea24cebb6f65

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
881
collect
www.google-analytics.com/j/ 		2 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1873602385&t=pageview&_s=1&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&dp=%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&ul=en-us&de=UTF-8&dt=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2064576534&gjid=386591495&cid=1418632457.1615083784&tid=UA-3328123-2&_gid=333866367.1615083784&_r=1&gtm=2wg2o0TRFBMGL&cd1=Story&cd2=Anonymous&cd3=politics&cd4=news&cd5=Alex%20Swoyer&z=736373207
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		723 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c49eea1e521ba7f142e540b4ec3704744fb818f7c49e86a22ba13c1a8cc48e57
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.48:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8c161051-4177-435c-9b78-aaad1da1311e
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
hb.undertone.com/ 		0
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=37&domain=washingtontimes.com
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:f600:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:04 GMT
via
1.1 0d54c3ddc4e7347d45d33a921b50661f.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.washingtontimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
x-amz-cf-id
-qn1lJF9WsQ2ANXztYW2Lnu1pn4EBxuHpKsruQpwDUC_j6XsYJdCMQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
arj
washingtontimes-d.openx.net/w/1.0/ 		173 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://washingtontimes-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=908a394c-8a1b-4db5-bcc4-855576894b61%2Ca7729ac2-9f19-4bfc-8e3b-a611c8feca1d%2C0d3de2e8-824e-4a82-a5de-26161dd7f99c%2C45f33619-8231-4cd2-a42e-7a9fdb96dc3a%2C2e5d28e9-5526-44f8-869b-eb01f63a5231%2C74698a72-cf84-4b86-bbd5-136d2210048a&nocache=1615083784096&aus=728x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050&divIds=Desktop_InFeed1_Articles%2CDesktop_RR_Articles_Top%2CDesktop_RR_Articles_1%2CDesktop_RR_Articles_2%2CDesktop_RR_Articles_3%2CDesktop_RR_Articles_4&auid=540397894%2C540397898%2C540397904%2C540397901%2C540397902%2C540397903&
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
f7795979514d9e61c4c568dcc757c0ef6240591cedcb7a2cd8fa7b0510ce0611

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.washingtontimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		96 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.44.1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
f24cb9754dd6ef065d4744e49cd4b462016484aac9a418bbf1ae732ab9f33b5c

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:03 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
101
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387554&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=908a394c-8a1b-4db5-bcc4-855576894b61&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6155507256771795
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
02adeabb3c149ce385dd90b54239913ebdf01a0ec177c654dcdd9c2a95289be2

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387558&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=908a394c-8a1b-4db5-bcc4-855576894b61&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6652734340072843
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c0f4d2362b2031e33fc64626452d5bbac773a4e34efabc1808f5e6b58790b92d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387542&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=a7729ac2-9f19-4bfc-8e3b-a611c8feca1d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2977640013591434
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9303fc4f30f2b569cbf41ef6dd903634784613e62503759a742b924978f10623

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1601
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387548&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=a7729ac2-9f19-4bfc-8e3b-a611c8feca1d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3159155504158282
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e1667cbb4f37b8c9c4e1d5ef85831c06d69e066d4ec7e3349d05ce4fb9778fde

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1590
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387552&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=a7729ac2-9f19-4bfc-8e3b-a611c8feca1d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3971993295913381
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ff5c833bd9bae05ff2fa26387edda5c51549f72e5d18eb84c38a74a967370500

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1215144&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=0d3de2e8-824e-4a82-a5de-26161dd7f99c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.07474853393011527
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5d156051e2f89e0ff43df5cc111ae7632bbf7492771c8569cd6e36e7f912aed2

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1215136&size_id=15&alt_size_ids=10%2C54&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=45f33619-8231-4cd2-a42e-7a9fdb96dc3a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6587276301252576
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0433e2875e9fd2a1caa9a65ada9a17c5e9f03789da6463476fcd915396c6c6f0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387470&size_id=15&alt_size_ids=10%2C54&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=45f33619-8231-4cd2-a42e-7a9fdb96dc3a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5229128889571113
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1bd84082cb6b01c22887cf4966c3955bd4b67f36cb573701037b64c8969a9fc4

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387474&size_id=15&alt_size_ids=10%2C54&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=45f33619-8231-4cd2-a42e-7a9fdb96dc3a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7247019507809003
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
04ec047c75d6b0fdf10ce69271b8ec041bfffdbdc14a4c0b7914c1eeeaa65b63

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1215138&size_id=15&alt_size_ids=10%2C54&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=2e5d28e9-5526-44f8-869b-eb01f63a5231&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3182280572017755
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1d2282aecff7280c1ebf5fd5ea54998037c6d9382ca6e4aec94eecfc83d0124a

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1215140&size_id=15&alt_size_ids=10%2C54&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=74698a72-cf84-4b86-bbd5-136d2210048a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4749942502971345
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
31efbd793df081a9a00fda3c63718f35bdd0929a6acecc0c3d088d7985f9592a

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387496&size_id=15&alt_size_ids=10%2C54&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=74698a72-cf84-4b86-bbd5-136d2210048a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8273053146623282
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c48a4e2ced07184884f52d5f6af75124eb9ac336f7584dad1203c3e4dc989023

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1588
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387502&size_id=15&alt_size_ids=10%2C54&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v2.44.1&x_source.tid=74698a72-cf84-4b86-bbd5-136d2210048a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3875908597438833
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f84f8ae0086c5412c21e03686eaec54b00ca0d8252985423d22e79d0a46bdfbf

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_infeed1_articles_970x250&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
4d111c009e8f72310a442217dae106f80b191ff940c0a838bfac421f7e525aee

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_infeed1_articles_728x90&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
ce100a5b741a2b86f9b0082360688d6ba156eaddddbc29c78e4e7793f871cefa

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x250&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
f5e1465efda93e6d84d0c9d47544ad901016e7ede87db8f4066a24a3303ae027

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x600&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
81195f331f2b99c581a025c30c60537210853a5ec53ce76c7beef8987e8e3821

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x250&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e1423f2c3019bedfff7e2364ca9f8dc100abd6a14d9d65aca8e710b5a3dffc47

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x600&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
2c24582b42a00bdc66bd1a7cf42e89cf65e92c1aa2e84cc09921c8799dce0cea

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x250&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
0cb85efa45ae31a2459ae163cc52090319d561f926029d106dd5071bdda3069e

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x600&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
afb2bb429989ff7f7edb464b35161835c74c9172697acfe603de86150511d018

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x250&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
d349d655fff413d9515ce9841c32df131d5753f12e1cdca41c7b72c4e899fd7e

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x600&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
9a254f5ea188905ddd9a823dc27fc58db97c63ca74033f117697e3f55da0f72f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x250&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
f9fe53aff6ce2f05d1cbd106f6c82a73a2ea309138f31600cf38d3ff927f5e53

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017272c1e552c3d0c1b600b7&pos=desktop_-_300x600&cmd=bid&secure=1
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
cd9316b3385fb95b84829ca457e83435bf55cd43a0914ff73ddc14f2731f899d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
cygnus
as-sec.casalemedia.com/ 		25 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=311651&v=7.2&r=%7B%22id%22%3A%22612c85970edad3c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22625436dcee67e39%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311651%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2263f7981f1e56d16%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311651%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2264b3088e214c387%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311657%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22653fafc0f67ee75%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311657%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226666d5fdd4e5eab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311654%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2267fad2894751318%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311654%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226843feedbff3ae2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311655%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22697ddc7589e09be%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311655%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22708d3e5d6639b4b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311656%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22711b5da3d77fe6d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22311656%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: twt-assets.washtimes.com
URL: https://twt-assets.washtimes.com/js/prebid2.44.1.235e1c61f2a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c9693a18b32cde2c544a292c9f0d405982e2bd7ae4c59acf6dbbdd59424e232

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
45
Expires
Sun, 07 Mar 2021 02:23:05 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&pid=aCkGnMxGSbeag&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%225856%2Fwash.times%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%225856%2Fwash.times%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%225856%2Fwash.times%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%225856%2Fwash.times%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%225856%2Fwash.times%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%225856%2Fwash.times%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%225856%2Fwash.times%22%7D%5D&pubid=6f8126c3-a155-4a34-b3e2-e7679af6a9ed&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZAG50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
i5Bw7H5kHWyYIlTzme26G_SXe-dHTQ8S66_BM5bOxVvLlQkCGaQoGA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop
ZAG50-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Sun, 07 Mar 2021 02:23:07 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c49bda74c25f4f26cc20173eec28da1f.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-id
i0OznJqrKs464kvVnxu8nHThcKZF7hyjkoPDrxafOAG-2pYuAqK-PQ==
main.2a04f3ee.js
s.pinimg.com/ct/lib/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.2a04f3ee.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"248210fef24a364a0e167a9a4db13563"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
x-fallback
3a88bc9c-2.16.186.237
accept-ranges
bytes
content-length
17102
access-control-expose-headers
X-CDN
adsct
t.co/i/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nwae8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Sun, 07 Mar 2021 02:23:04 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
1dfe3fef47b63ad9e779f06e351953d3
x-transaction
00a4e6a200a392d0
expires
Tue, 31 Mar 1981 05:00:00 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 14 Mar 2021 02:23:04 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=44017
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: s.newsmaxfeednetwork.com
URL: https://s.newsmaxfeednetwork.com/static/js/connectV5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Mon, 08 Mar 2021 02:23:04 GMT
f.js
cdn.feedbackify.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.feedbackify.com/f.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.88.138.51 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3f930c87a11fe4bba81db7914e199b3e8cd51951d47e313baeb2359e0e5eafae

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Content-Encoding
gzip
ETag
W/"347861603203d578911efaf792e92529"
Last-Modified
Tue, 25 Aug 2020 14:51:56 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
1BPTCN2K73J4CTE3
x-amz-meta-cb-modifiedtime
Tue, 25 Aug 2020 14:47:59 GMT
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=300, public
Connection
keep-alive
x-amz-id-2
T8mCz+mqXna25cRNbrE61f1M2QTU5ZYpz61etvxFZiQmvUTuDxX8ULwkpRsnvmkZ0eeA5wNzFzU=
mpgojj9okZ_PK5RI-vjl1MO6LRJveNXviP_MxooIfCpxH3OCglgZD0
absorbingband.com/v2/0/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://absorbingband.com/v2/0/mpgojj9okZ_PK5RI-vjl1MO6LRJveNXviP_MxooIfCpxH3OCglgZD0
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
800be243293e6d45f1a0393569ba3a9dc62b0a284a632e5890f4f40662a20f8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"0b49b8cb07b1381d8b7d0fa1e77261ae75adb4545e938c238a5660f5eddeabd6"
vary
Accept-Encoding, Accept-Language
x-hostname
9b6d8613
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sun, 07 Mar 2021 02:23:04 GMT
timing-allow-origin
*
izqmnfqOO4qXxbAB0J_IoCQ7sdw9msdhZV9K5e3t3-h-MBkqTKWot2E2smulTA8Phnryc8e
absorbingband.com/v2/0/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://absorbingband.com/v2/0/izqmnfqOO4qXxbAB0J_IoCQ7sdw9msdhZV9K5e3t3-h-MBkqTKWot2E2smulTA8Phnryc8e
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4c561fed24bc233343725b988565d94f9d147a3eb45591863236c205337c12f3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"8e58cd39b7e13a81df79431ad9070cd462f17ac47e40cbf7b6047d37fadd0f0d"
vary
Accept-Encoding, Accept-Language
x-hostname
9b6d8613
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sun, 07 Mar 2021 02:23:04 GMT
timing-allow-origin
*
lightbox.js
www.lightboxcdn.com/vendor/a03ff559-e73a-4fb6-91a2-074fb72400fe/ 		326 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/a03ff559-e73a-4fb6-91a2-074fb72400fe/lightbox.js?mb=1615083784171
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
98f2d49a3ab8c5a102f7d7c90d440594b8d764136cd6587d5e5ab15bb89f21bb

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
2710
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
62c05c1349b64e1a-FRA
cf-request-id
08ac17e01100004e1a55904000000001
load
experience.tinypass.com/xbuilder/experience/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=hph4LAYuC6
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44a4a7fa849e927e33dc8f8bfb1d1a5264ea46c5e68b2fd9ed3a000fc111b0a
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
1200
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08ac17e00b0000073e44033000000001
x-request-id
C4ptkpqHBRl
wn
prod-exp-10-0-128-153
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
62c05c134f90073e-FRA
expires
Sun, 07 Mar 2021 02:53:04 GMT
e
analytics.shareaholic.com/ 		43 B
386 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.shareaholic.com/e
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/2b481ec2/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.47.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy referrer always

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:04 GMT
vary
Origin
p3p
CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
referer-policy
unsafe-url
content-security-policy
referrer always
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
device_load
events-collector.spot.im/api/v1/ 		36 B
482 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events-collector.spot.im/api/v1/device_load
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_iyCBIB1C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.64 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-64.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
f2ca4f0f5bdccf0c6329a2a940ad84c3c26e103ceac646a8404913d1bd9f478f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:07 GMT
server
fasthttp
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.washingtontimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
36
expires
Sun, 07 Mar 2021 02:23:07 GMT
adsct
analytics.twitter.com/i/ 		31 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nwae8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Sun, 07 Mar 2021 02:23:19 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
05cbac4c5b3411929827f2d4b320deb8
x-transaction
00bcb124004d0dd7
expires
Tue, 31 Mar 1981 05:00:00 GMT
clarity.js
www.clarity.ms/eus2/s/0.6.9/ 		44 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/s/0.6.9/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/57uy93qrq0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d45dff5ca928c11671bda9f2bdb88987a64a2dece9e4ca09e1ebb0d7cce2a28d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:03 GMT
content-encoding
br
etag
"1d711fd4a33d9f7"
last-modified
Fri, 05 Mar 2021 20:22:40 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=86400
x-azure-ref
0CDlEYAAAAABtvWf6zi5WQqvjc5PrIZSBRlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=0643535D75F743C7824143E74D76597F&RedC=c.clarity.ms&MXFR=0BE0B0A23D7B66EC3FB8BF51397B680B
  • https://c.clarity.ms/c.gif?CtsSyncId=0643535D75F743C7824143E74D76597F&MUID=2817EB1994BE62610127E4EA956C63E6
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=0643535D75F743C7824143E74D76597F&MUID=2817EB1994BE62610127E4EA956C63E6
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:19 GMT
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"506f5bd17ad71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:18 GMT
x-msedge-ref
Ref A: C79E90B77BC24F40853099810F2388E5 Ref B: FRAEDGE1214 Ref C: 2021-03-07T02:23:19Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=0643535D75F743C7824143E74D76597F&MUID=2817EB1994BE62610127E4EA956C63E6
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
stats.g.doubleclick.net/j/ 		1 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-3328123-2&cid=1418632457.1615083784&jid=2064576534&gjid=386591495&_gid=333866367.1615083784&_u=YEBAAEAAAAAAAC~&z=1148851536
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 07 Mar 2021 02:23:04 GMT
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5695066&tm=gtm001&Ver=2&mid=a2e63de3-9905-452e-97f2-f7d7a36743b6&sid=0be758807eec11eb9fb7a106ac6b4dc2&vid=0be78c807eec11eb862abb7d5a9c8c02&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&p=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&r=&lt=1619&evt=pageLoad&msclkid=N&sv=1&rn=2708
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 07 Mar 2021 02:23:04 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 986AC53F469C4028AD4CE5A539D5BE57 Ref B: FRAEDGE1219 Ref C: 2021-03-07T02:23:04Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01en.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 09:48:23 GMT
etag
"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
x-amz-meta-version
0.2.0
content-type
application/javascript
cache-control
max-age=360
accept-ranges
bytes
content-length
2374
sharebuttons.js
m9m6e2w5.stackpathcdn.com/v2/2b481ec2/ 		158 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/2b481ec2/sharebuttons.js
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8de18d9d36022c50913c7296137ff292d1e862505a5ac0d860b7845edcc7a52b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 15:41:40 GMT
server
nginx
x-amz-request-id
VBEHT5XNYHFP9FV1
etag
"fa4b8f4620c83983e09bd44dc69beeef"
x-hw
1615083784.cds068.sk1.hn,1615083784.cds015.sk1.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
35795
x-amz-id-2
+/EBfDlzgRgd5X/ZQqYk9uCl9Wzk70c7z+ABW/3zJNAI7/tyQzY3Ogyzm/iVEPj5pLPPERZ3M3A=
t
jadserve.postrelease.com/ 		1 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-247-206.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
3932ae74c4b03ec85f081863f23610a1e65df67d8bbc5e13ac27fa49a639e1a5

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
595
expires
Mon, 1 Jan 1990 12:00:00 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7DB9 		610 B
1008 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1614783560.237057"
last-modified
Wed, 03 Mar 2021 14:48:18 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Sun, 07 Mar 2021 02:23:04 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1615083784~rv=71~id=6c07fc29199e5ccc2b727b9f19aec7c7; path=/; Expires=Sun, 07 Mar 2021 02:23:04 GMT; Secure; SameSite=None
450591302454597
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/450591302454597?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85dcf9134e5d309882872c98e1caf93d700109b42f49d4ae3ad2f8ca6e12344f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
n2yjkbJq72oxptufJzrLw9PgUij9dKCqZkM32sX3kbQeGGddYw/0zASSpNns4jXSeuSt9x2DNO8FyY4+Cl0DPg==
x-fb-trip-id
1425083115
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 07 Mar 2021 02:23:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
rules-p-c69_1G6fdlihY.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-c69_1G6fdlihY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:7400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
829459528fdf64d8725e1009a90759dfc3f70ca184958fbc435e76daa3c31b1d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:30:53 GMT
server
AmazonS3
x-amz-cf-pop
ZAG50-C1
etag
W/"a998d8ea1c8034504d39cc79acb389d3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-id
y7ceEKKv5aE-3NdTceIAD6h56W5e9YuSkVaOKsaY1-m-EUdzhkMm6A==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1615083784346&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1586410%26time%3D1615083784346%26url%3Dhttps%253A%252F%252Fwww.washingtontimes.co...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1615083784346&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%...
0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1615083784346&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&liSync=true
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e3:101::6cae:b45 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-eda6
content-type
application/javascript
content-length
0
x-li-uuid
jurjPiXuaRbAXAzaLCsAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
WHttMiXuaRYwG9IcjisAAA==
pragma
no-cache
x-li-pop
afd-prod-eda6
x-msedge-ref
Ref A: A8C047754B564E758050C8D29BF5E8AD Ref B: FRAEDGE1115 Ref C: 2021-03-07T02:23:04Z
date
Sun, 07 Mar 2021 02:23:03 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1615083784346&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=9248945&c3=100000&ns__t=1615083784428&ns_c=UTF-8&cv=3.5&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Wa...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=9248945&c3=100000&ns__t=1615083784428&ns_c=UTF-8&cv=3.5&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20W...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=9248945&c3=100000&ns__t=1615083784428&ns_c=UTF-8&cv=3.5&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&c9=&cs_ak_ss=1
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=9248945&c3=100000&ns__t=1615083784428&ns_c=UTF-8&cv=3.5&c8=Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%20-%20Washington%20Times&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-01en&wpn=lc-bundle&pu=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&duid=326473a36fd7...
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01en&wpn=lc-bundle&pu=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&duid=326473a36fd...
13 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01en&wpn=lc-bundle&pu=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&se=e30&dtstmp=1615083784429&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.95.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
x-pixel-event-id
97fadb31-70f0-44c2-97fa-ce2a339eeb47
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
0
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
f9e51683264b9383

Redirect headers

date
Sun, 07 Mar 2021 02:23:04 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01en&wpn=lc-bundle&pu=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&se=e30&dtstmp=1615083784429&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.washingtontimes.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
3b114544efa86a37
request-time
0
content-length
0
x-content-type-options
nosniff
user.js
www.lightboxcdn.com/vendor/a03ff559-e73a-4fb6-91a2-074fb72400fe/ 		639 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/a03ff559-e73a-4fb6-91a2-074fb72400fe/user.js?cb=637504667690525684
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a03ff559-e73a-4fb6-91a2-074fb72400fe/lightbox.js?mb=1615083784171
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96a5ad988a3d4cc44699ab37d3792c47b282f32f9414dde2b41dd036c4a12769

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
+8e1ovFF3juLJt5imCay4w==
age
210919
cf-polished
origSize=1087219
last-modified
Wed, 24 Feb 2021 21:32:53 GMT
cf-request-id
08ac17e10c00004e1aaaa60000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
fa0974a8-c01e-00b8-430d-11b732000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
62c05c14dae14e1a-FRA
expires
Mon, 07 Mar 2022 02:23:04 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		399 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=hph4LAYuC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b58f24149d76e6bc4c529a5f6468ddddb51b2cfed5605950be23b7662d4e2ee
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3507
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08ac17e1140000073e4403a000000001
wn
prod-dash-10-0-135-123
last-modified
Sat, 06 Mar 2021 13:50:22 GMT
server
cloudflare
etag
W/"408260-1615038622000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript
server-time
0.001
cache-control
public, max-age=1200
cf-ray
62c05c14e8c7073e-FRA
expires
Sun, 07 Mar 2021 02:43:04 GMT
/
ct.pinterest.com/user/ 		38 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614346040902&ov=%7B%22page_name%22%3A%22My%20Page%22%2C%22page_category%22%3A%22My%20Page%20Category%22%7D&cb=1615083784463
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
access-control-allow-origin
https://www.washingtontimes.com
x-envoy-upstream-service-time
1
x-pinterest-rid
1687624380262531
pin-unauth
dWlkPU1UTXdNREV5T0RBdFpqTXpPQzAwTm1Wa0xXRTBZV010TjJFeU1HWTNNakppTUdRMQ
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
64
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614346040902&ov=%7B%22page_name%22%3A%22My%20Page%22%2C%22page_category%22%3A%22My%20Page%20Category%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222a04f3ee%22%7D&cb=1615083784464
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
referrer-policy
origin
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
7
content-length
35
x-pinterest-rid
5106244583223308
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22promo_code%22%3A%22TWTCHACKAPINT%22%7D&tid=2614346040902&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222a04f3ee%22%7D&cb=1615083784465
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
referrer-policy
origin
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
6
content-length
35
x-pinterest-rid
1644591970978744
expires
Sat, 01 Jan 2000 00:00:00 GMT
shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

Origin
https://www.washingtontimes.com
Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 15:41:41 GMT
server
nginx
x-amz-request-id
ARFN15FVZRSDV5M8
etag
"0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
x-hw
1615083784.cds045.sk1.hn,1615083784.cds042.sk1.c
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
20572
x-amz-id-2
LpX3ezEqL0waHYigfFA+TtaQbBJi7udTp6yE/by9Fhmct1wJzZikLhwxqIRazdj1vX+cvpUt1wk=
tab.png
cdn.feedbackify.com/img/classic/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.feedbackify.com/img/classic/tab.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.88.138.51 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f60efe58830b27bcd317e0ca19bc802c0123ce13f9293368929b0cc84353e403

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:04 GMT
Last-Modified
Fri, 18 Oct 2013 09:36:50 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
TDHZKH8GKNXENZNF
ETag
"44f5fb47b97ba687b5c63494fd131177"
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1174
x-amz-id-2
cE11oAr6LPOQSqmaM5zOjtGYczvk1wyAwoYyh5T++BeEEeLjNMJskf7oYmdazPYQyccQghXFjx4=
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7CC1 		361 B
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified
Sun, 20 Aug 2017 06:45:01 GMT
server
AkamaiNetStorage
content-length
361
cache-control
max-age=345600
date
Sun, 07 Mar 2021 02:23:04 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1615083784~rv=82~id=28daff26921eaff73b3a73ea0b9e1d7c; path=/; Expires=Sun, 07 Mar 2021 02:23:04 GMT; Secure; SameSite=None
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B402 		361 B
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified
Sun, 20 Aug 2017 06:45:01 GMT
server
AkamaiNetStorage
content-length
361
cache-control
max-age=345600
date
Sun, 07 Mar 2021 02:23:04 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1615083784~rv=30~id=03261d61ff2c8e40bc6557863677e225; path=/; Expires=Sun, 07 Mar 2021 02:23:04 GMT; Secure; SameSite=None
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Tue, 06 Apr 2021 02:23:04 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Tue, 06 Apr 2021 02:23:04 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=260002bd9bc83a7ec62ab17fbb72cb0c_8110_1615083784236&tm=672&eT=0&widgetWidth=879&widgetHeight=372&widgetX=187&widgetY=2753&wRV=2000238&pVis=1&lsd=-1&eIdx=&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
X-TraceId
f98f101c17aec8d7ef5a7692212a2756
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 1493 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
afb145bd40df8dffa617b6e9e404d0284c792dd7a3e40884b49df9c9279c625b

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"2759986ecbb4d0550a78c4abeda19fad:1614673403.295396"
last-modified
Tue, 02 Mar 2021 08:23:11 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Mon, 08 Mar 2021 02:23:04 GMT
date
Sun, 07 Mar 2021 02:23:04 GMT
content-length
5390
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1615083784~rv=22~id=fe89a75c85779cb363172b737a675f13; path=/; Expires=Sun, 07 Mar 2021 02:23:04 GMT; Secure; SameSite=None
get
odb.outbrain.com/utils/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&idx=1&rand=26300&key=NANOWDGT01&widgetJSId=AR_4&va=true&et=true&format=html&pdobuid=-1&t=MjYwMDAyYmQ5YmM4M2E3ZWM2MmFiMTdmYmI3MmNiMGM=&adblck=false&abwl=false&px=187&py=3505&vpd=2305&settings=true&recs=true&version=2000238&sig=acJNMv0w&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea26a971949786128a5dcbb262ebfe777cb7a6a70750d2dcb8678cf653df6e99

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.48
x-cache-hits
0, 0
x-traceid
532cdfb31f0e337d0f4bdc1ad3a41536
content-encoding
gzip
content-length
4996
x-served-by
cache-lga21948-LGA, cache-fra19151-FRA
x-timer
S1615083785.698309,VS0,VE211
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
libsyn-fonts.css
static.libsyn.com/p/assets/platform/fonts/ Frame 7694 		5 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.libsyn.com/p/assets/platform/fonts/libsyn-fonts.css?family=Open+Sans:300,400,600,700,800
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
cee9374fc13a18761fed55a496af0a43f214255c97bb43af3b06f5b44589d03c

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Sun, 28 Jun 2020 22:26:43 GMT
etag
"1593383203"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds206.sk1.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
509
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame 7694 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
217714
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19740
cf-request-id
08ac17e1dc00004e2cb70fb000000001
timing-allow-origin
*
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
server
cloudflare
etag
"1544639647"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62c05c162ce84e2c-FRA
custom-player-bootstrap.min.css
static.libsyn.com/p/assets/platform/customplayer/ Frame 7694 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/custom-player-bootstrap.min.css?u=2018-07-09
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
654b91c942f577f5bf6247cd8205f1052bfa3cb5cbcdd1aad2731797f776f0ec

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Sun, 28 Jun 2020 22:26:36 GMT
etag
"1593383196"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds230.sk1.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
2542
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 7694 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
218413
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7050
cf-request-id
08ac17e1dc00004e2ca1897000000001
timing-allow-origin
*
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
server
cloudflare
etag
"1544639720"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62c05c162ce74e2c-FRA
css
fonts.googleapis.com/ Frame 7694 		2 KB
574 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 01:33:18 GMT
server
ESF
date
Sun, 07 Mar 2021 02:23:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 02:23:04 GMT
jcarousel.responsive.css
static.libsyn.com/p/assets/platform/customplayer/ Frame 7694 		2 KB
826 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/jcarousel.responsive.css
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
78512513fc22684ffb14efa1d150dad7416207241c73fb7c087a01bc7b883dcc

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Sun, 28 Jun 2020 22:26:37 GMT
etag
"1593383197"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds033.sk1.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
703
website.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/website.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
606b721ca8e71e52029c4c3018193d4cde92954e0fec6d1c5a220bbb4e09b99d

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:39 GMT
etag
"1593383199"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds023.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
1221
itunes.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/itunes.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7d1503b2c3953108b26f6ac15ae55abaedb60767c249d34661d3510080f5a9d8

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:38 GMT
etag
"1593383198"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds066.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
17168
tunein.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/tunein.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
495a00e135488bceed77036d772ef7b8a8803965c57718eb9ae70dda49b0dda0

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:39 GMT
etag
"1593383199"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds050.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785783
accept-ranges
bytes
content-length
1388
stitcher.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/stitcher.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f985b36ef9de4c44709a1ecaa72d230016ecf311d388006b3cdc737b6678ffcb

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:42 GMT
etag
"1593383202"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds065.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
3220
google_play.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/google_play.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fda12daf24a016c8b523bce28ae00077db0749ef28dd01b8cd8b8e70c13f4f64

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:38 GMT
etag
"1593383198"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds036.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785770
accept-ranges
bytes
content-length
9352
google_podcasts.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/google_podcasts.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2433422ca32c2c99802b31e1c88cf1b252c906fad6726dac086c5bb47f9f3399

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:38 GMT
etag
"1593383198"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds223.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785770
accept-ranges
bytes
content-length
13701
spotify.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/spotify.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
24bf977b8b12f84d612c8e996b96c1b82ee958f632cbf032f389f4fa0d383cae

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:39 GMT
etag
"1593383199"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds038.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
18488
deezer.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/deezer.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5eeaf17820a1131deca201df8e6e0ee60406edde21f2302f97c0ed59f39824d8

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:38 GMT
etag
"1593383198"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds017.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785782
accept-ranges
bytes
content-length
8605
radio_public.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/radio_public.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
90d45b081ddedc6d1a9edfde43110b1ef98ed463506b238b5b1e0da1c35494da

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:39 GMT
etag
"1593383199"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds218.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785783
accept-ranges
bytes
content-length
6591
rss.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/rss.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d66001f67ae05795438ab22f4e42d2d6fa8e1fc8d4f4f509326823d7c1e75e64

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:39 GMT
etag
"1593383199"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds026.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
1225
lock-black.svg
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/lock-black.svg
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
042f1cef0d455760639cfd578141c2179ac3c0a147c4fed12863b00d216a882e

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:38 GMT
etag
"1593383198"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds016.sk1.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=27785761
accept-ranges
bytes
content-length
1144
height_90_width_90_FP_1400x1400.9.png
ssl-static.libsyn.com/p/assets/4/b/b/8/4bb8453246b03bb5/ Frame 7694
Redirect Chain
  • https://assets.libsyn.com/secure/item/18202610/?height=90&width=90
  • https://ssl-static.libsyn.com/p/assets/4/b/b/8/4bb8453246b03bb5/height_90_width_90_FP_1400x1400.9.png
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl-static.libsyn.com/p/assets/4/b/b/8/4bb8453246b03bb5/height_90_width_90_FP_1400x1400.9.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5af646098c0134ef356c939f7d27b67371b0986db04ad5e08bfa87401194f986

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
last-modified
Tue, 30 Jun 2020 12:16:26 GMT
etag
"1593519386"
x-hw
1615083785.dop012.sk1.t,1615083785.cds071.sk1.hn,1615083785.cds047.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785860
accept-ranges
bytes
content-length
9315

Redirect headers

location
https://ssl-static.libsyn.com/p/assets/4/b/b/8/4bb8453246b03bb5/height_90_width_90_FP_1400x1400.9.png
date
Sun, 07 Mar 2021 02:23:05 GMT
x-libsyn-host
t3
access-control-allow-origin
*
content-length
0
server
Apache
content-type
text/html; charset=UTF-8
rss-sm.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		334 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/rss-sm.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
82f24f21c53f556fc649c89f52fb7db4664408f9480597056331f05b9dde50ae

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:38 GMT
etag
"1593383198"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds232.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
334
download.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		202 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/download.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
ca1700296b9c4b2b4bf99d6cf9a5792d0d43f9c210a944535cfa2b2214486fbf

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:38 GMT
etag
"1593383198"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds030.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
202
embed.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		338 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/embed.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
8a19721933e70954cf3f7a797cb6f09f70b77e2367f9ad6be41e6bce78cbc722

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:38 GMT
etag
"1593383198"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds063.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
338
share.png
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		374 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/share.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
6e0f006547bca3c24081d8800c009a631f19d18108683bf6ea19bdbc2bb01828

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Sun, 28 Jun 2020 22:26:39 GMT
etag
"1593383199"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds035.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
374
jquery.min.js
cdn.jsdelivr.net/npm/jquery@2.1.3/dist/ Frame 7694 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@2.1.3/dist/jquery.min.js
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2172229
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29587
etag
W/"14983-YsQELp68aRpTctZTtCRRKlYdFnA"
x-served-by
cache-fra19120-FRA
date
Sun, 07 Mar 2021 02:23:04 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 7694 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://html5-player.libsyn.com
Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
138673
cdn-cachedat
2021-03-04 14:40:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17e1e20000d70d5f3ae000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9b54da5ddc27a0353d87dfcc21244809
cf-ray
62c05c163a2dd70d-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery.nanoscroller.min.js
static.libsyn.com/p/assets/platform/customplayer/ Frame 7694 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/jquery.nanoscroller.min.js
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f46e8aea81be0e5d86904d49c8d3bf3d0353e51aa5e6f900a935d5c3b17e0b6b

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Sun, 28 Jun 2020 22:26:37 GMT
etag
"1593383197"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds039.sk1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=27785767
accept-ranges
bytes
content-length
3405
player-0.0.12.min.js
cdn.embed.ly/ Frame 7694 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.embed.ly/player-0.0.12.min.js
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.90.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41dcb916808791070bfcb1381a07d00b2bcf921ffcab510dbaab8e5614ccff28

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
195
x-amz-request-id
392697F93280572B
x-amz-id-2
ejeP1d9DDQiJhIPXwk4XC698uLpAhjOBWfEFD1EhEsIqfF7ChNqc9V5Fp3HdJF26XPcF9cFaYAo=
last-modified
Thu, 20 Oct 2016 16:43:58 GMT
server
cloudflare
etag
W/"58168a73f157819775f58340abbb2686"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
x-amz-version-id
null
cf-request-id
08ac17edf9000010ad48aad000000001
cf-ray
62c05c298de610ad-CPH
expires
Sun, 07 Mar 2021 06:23:07 GMT
jquery.jcarousel.min.js
static.libsyn.com/p/assets/platform/customplayer/ Frame 7694 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/jquery.jcarousel.min.js
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c934534eb9fefa3ae15481defd2ac395d108538ac932da8299c02d0bd3faca0

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
gzip
last-modified
Sun, 28 Jun 2020 22:26:37 GMT
etag
"1593383197"
x-hw
1615083784.dop012.sk1.t,1615083784.cds071.sk1.hn,1615083784.cds073.sk1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=27785762
accept-ranges
bytes
content-length
5295
sr
capi.connatix.com/tr/ Frame C2D3 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=106673
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.204.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-204-105.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 07 Mar 2021 02:23:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
f8261878-3167-47f3-8e1a-3b611a660597.bin
vid.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/ Frame C2D3 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/f8261878-3167-47f3-8e1a-3b611a660597.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bfe01da5cac23b8e496d7acf15ef710991f9ff008bf30273367596e0d3c43b89

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:07 GMT
content-encoding
gzip
last-modified
Sun, 07 Mar 2021 01:37:18 GMT
age
2307
etag
"027a6bdc364bbab49b2efd5c882220ba"
x-served-by
cache-bwi5133-BWI, cache-cph20648-CPH
vary
Accept-Encoding
x-cache
HIT, MISS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1615083788.831076,VS0,VE84
content-length
932
x-cache-hits
1, 0
1.png
img.connatix.com/2dd9afad-0104-402b-b341-830f7d9e8ccc/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/2dd9afad-0104-402b-b341-830f7d9e8ccc/1.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37180d9fd35707f0aa95cade2ae37c3e1e388fb8ac0f6403ba17f048c4f9dabb

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
via
1.1 varnish, 1.1 varnish
age
1452642
x-cache
HIT, HIT
fastly-io-info
ifsz=37351 idim=1633x832 ifmt=png ofsz=37351 odim=1633x832 ofmt=png
fastly-stats
io=1
content-encoding
br
content-length
36471
fastly-io-warning
Failed to shrink image
x-served-by
cache-dca17776-DCA, cache-cph20620-CPH
x-timer
S1615083785.728586,VS0,VE0
etag
"YPfeIwHjxMBnlmslJSM200r7KwrMHpyTHPlVBTqB8H8"
x-amz-request-id
X88CXR386YN797DR
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
x-cache-hits
2, 2
libsyn-player-custom.png
ssl-static.libsyn.com/p/assets/platform/html5player/ Frame 7694
Redirect Chain
  • https://assets.libsyn.com/player_logo/199565?theme=custom
  • https://ssl-static.libsyn.com/p/assets/platform/html5player/libsyn-player-custom.png
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl-static.libsyn.com/p/assets/platform/html5player/libsyn-player-custom.png
Requested by
Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4b52f7b6547e77d40ec2463b30963ed794f73849840ffc73d4760b3c61a68fdd

Request headers

Referer
https://html5-player.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
last-modified
Sun, 28 Jun 2020 22:26:52 GMT
etag
"1593383212"
x-hw
1615083785.dop012.sk1.t,1615083785.cds071.sk1.hn,1615083785.cds216.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27785760
accept-ranges
bytes
content-length
2639

Redirect headers

location
https://ssl-static.libsyn.com/p/assets/platform/html5player/libsyn-player-custom.png
date
Sun, 07 Mar 2021 02:23:05 GMT
x-libsyn-host
t4
access-control-allow-origin
*
content-length
0
server
Apache
content-type
text/html; charset=UTF-8
eyJpdSI6ImE2OTA1ZDljOWI3ZmM3ZTA0NDRjZTEyOTRlOWViNDQxMzNjMDE2YWFjM2UyNmQ1ODUwZmE3NWMxYWY4Y2ZjMjkiLCJ3IjozMDAsImgiOjIzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE2OTA1ZDljOWI3ZmM3ZTA0NDRjZTEyOTRlOWViNDQxMzNjMDE2YWFjM2UyNmQ1ODUwZmE3NWMxYWY4Y2ZjMjkiLCJ3IjozMDAsImgiOjIzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5900deffa4d8c0bf3687fb3769e7cbb3fb7fc3d4d54dd871f924d77dc7b93c50

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
cache-control
max-age=2462400
last-modified
Fri, 12 Feb 2021 21:30:09 GMT
x-traceid
d31d7727e7a7c3980b5cd94e838ceec0
timing-allow-origin
*
content-length
36418
content-type
image/webp
eyJpdSI6IjZlMGY1MmM4ODI2NzU0N2YzNWUwZmRiZjdjNTYwMTkzYjg5NTk0YjVlYTNlY2IwNTYwOTBiYzE5MzhjYTg2ZjEiLCJ3IjozMDAsImgiOjIzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZlMGY1MmM4ODI2NzU0N2YzNWUwZmRiZjdjNTYwMTkzYjg5NTk0YjVlYTNlY2IwNTYwOTBiYzE5MzhjYTg2ZjEiLCJ3IjozMDAsImgiOjIzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
16bd9656ff0de76ced47ee75fb4f7381aae403250cd8d985d8e6780f154b6e04

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
cache-control
max-age=2462400
last-modified
Wed, 24 Feb 2021 07:06:07 GMT
x-traceid
fae5c9764195ba19dd2d9f6925c96ef3
timing-allow-origin
*
content-length
42672
content-type
image/webp
eyJpdSI6ImRmZTNjNWZiYTNjOWU4ZTk4ZDE4NjU4MzcyNmE1M2RiN2NmYjBmZmU2NjdkMmM0MjFkMDViZDhiOThhYjhhMjgiLCJ3IjozMDAsImgiOjIzNSwiZCI6MS41LCJjaCI6LTE0NzA0MzMzNTcsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRmZTNjNWZiYTNjOWU4ZTk4ZDE4NjU4MzcyNmE1M2RiN2NmYjBmZmU2NjdkMmM0MjFkMDViZDhiOThhYjhhMjgiLCJ3IjozMDAsImgiOjIzNSwiZCI6MS41LCJjaCI6LTE0NzA0MzMzNTcsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e67498d3b55e633b89bd50a05e5a4e80125bd92b5c007c7ce29c0665f9aa33c

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
cache-control
max-age=2462400
last-modified
Thu, 25 Feb 2021 14:42:54 GMT
x-traceid
c210a91184a28b90fe653f3ff1829ef5
timing-allow-origin
*
content-length
61388
content-type
image/webp
/
trends.newsmaxwidget.com/api/demand/ 		52 B
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/api/demand/?w=167080&wlw=newsmaxwidget.com
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.washingtontimes.com
date
Sun, 07 Mar 2021 02:23:04 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.newsmaxwidget.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/sync
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.washingtontimes.com
date
Sun, 07 Mar 2021 02:23:04 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
error
quantcount.com/log/ 		0
0
pixel;r=88747152;labels=Author.Alex%20Swoyer%2CKeywords.Law%20Crime%2CKeywords.Education%2CKeywords.Supreme%20Court%2CKeywords.Snapchat%2CKeywords.Department%20Of%20Justice%2CTitle.Biden%20administ...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=88747152;labels=Author.Alex%20Swoyer%2CKeywords.Law%20Crime%2CKeywords.Education%2CKeywords.Supreme%20Court%2CKeywords.Snapchat%2CKeywords.Department%20Of%20Justice%2CTitle.Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%2CCategory.Politics;rf=0;uht=2;a=p-c69_1G6fdlihY;url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F;fpan=1;fpa=P0-520498296-1615083784838;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=washingtontimes.com;je=0;sr=1600x1200x24;dst=1;et=1615083784838;tzo=-60;ogl=title.Biden%20administration%20sides%20against%20cheerleader%20in%20First%20Amendment%20case%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ewashingtontimes%252Ecom%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-%2Cimage.https%3A%2F%2Ftwt-thumbs%252Ewashtimes%252Ecom%2Fmedia%2Fimage%2F2021%2F03%2F04%2FAP110919057742_c0-408-48%2Cimage%3Awidth.1200%2Cimage%3Aheight.700%2Csite_name.The%20Washington%20Times%2Cdescription.The%20Biden%20administration%20has%20waded%20into%20a%20Supreme%20Court%20free-speech%20battle%20to%20si
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=329974197684672&ev=PageView&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&rl=&if=false&ts=1615083784849&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615083784847.1779766752&it=1615083783986&coo=false&rqm=GET
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 07 Mar 2021 02:23:04 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=450591302454597&ev=PageView&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&rl=&if=false&ts=1615083784852&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615083784847.1779766752&it=1615083783986&coo=false&rqm=GET
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 07 Mar 2021 02:23:04 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=329974197684672&ev=ViewContent&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&rl=&if=false&ts=1615083784853&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1615083784847.1779766752&it=1615083783986&coo=false&rqm=GET
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 07 Mar 2021 02:23:04 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=450591302454597&ev=ViewContent&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&rl=&if=false&ts=1615083784854&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1615083784847.1779766752&it=1615083783986&coo=false&rqm=GET
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 07 Mar 2021 02:23:04 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=450591302454597&ev=Subscribe&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&rl=&if=false&ts=1615083784856&cd[value]=0.00&cd[currency]=USD&cd[predicted_ltv]=0.00&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1615083784847.1779766752&it=1615083783986&coo=false&tm=1&rqm=GET
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 07 Mar 2021 02:23:04 GMT
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637497991735503065
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a03ff559-e73a-4fb6-91a2-074fb72400fe/user.js?cb=637504667690525684
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Mar 2021 02:23:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
276353
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
cf-request-id
08ac17e2d400004e1a38927000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
00c0cd18-301e-012a-0ef4-0a66d1000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
62c05c17bd3b4e1a-FRA
expires
Mon, 07 Mar 2022 02:23:04 GMT
z
lightboxapi.azurewebsites.net/z9gd/42546/www.washingtontimes.com/jsonp/ 		537 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi.azurewebsites.net/z9gd/42546/www.washingtontimes.com/jsonp/z?cb=1615083784940&callback=jQuery171008364930091208556_1615083784900&_=1615083784941
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a03ff559-e73a-4fb6-91a2-074fb72400fe/user.js?cb=637504667690525684
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
224507312e7123d83cd11553c582e7a8318fff2aa15cf013c5c4e62590db2ae2

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/javascript
t.gif
www.lightboxcdn.com/z9g/ 		35 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1615083784911&h=www.washingtontimes.com&e=p&u=42546
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Mar 2021 02:23:05 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
1305304
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
cf-request-id
08ac17e34800004e1a28ba0000000001
x-ms-lease-status
unlocked
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
fea83bb3-001e-000f-6618-dbb837000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62c05c187ddb4e1a-FRA
cf-bgj
imgq:85,h2pri
open-sans-v15-latin-regular.woff2
static.libsyn.com/p/assets/platform/fonts/ Frame 7694 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.libsyn.com/p/assets/platform/fonts/open-sans-v15-latin-regular.woff2
Requested by
Host: static.libsyn.com
URL: https://static.libsyn.com/p/assets/platform/fonts/libsyn-fonts.css?family=Open+Sans:300,400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Request headers

Origin
https://html5-player.libsyn.com
Referer
https://static.libsyn.com/p/assets/platform/fonts/libsyn-fonts.css?family=Open+Sans:300,400,600,700,800
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
last-modified
Sun, 28 Jun 2020 22:26:43 GMT
etag
"1593383203"
x-hw
1615083786.dop001.sk1.t,1615083786.cds213.sk1.hn,1615083786.cds038.sk1.c
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=27785760
accept-ranges
bytes
content-length
14048
open-sans-v15-latin-700.woff2
static.libsyn.com/p/assets/platform/fonts/ Frame 7694 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.libsyn.com/p/assets/platform/fonts/open-sans-v15-latin-700.woff2
Requested by
Host: static.libsyn.com
URL: https://static.libsyn.com/p/assets/platform/fonts/libsyn-fonts.css?family=Open+Sans:300,400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc

Request headers

Origin
https://html5-player.libsyn.com
Referer
https://static.libsyn.com/p/assets/platform/fonts/libsyn-fonts.css?family=Open+Sans:300,400,600,700,800
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
last-modified
Sun, 28 Jun 2020 22:26:43 GMT
etag
"1593383203"
x-hw
1615083786.dop001.sk1.t,1615083786.cds213.sk1.hn,1615083786.cds206.sk1.c
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=27785760
accept-ranges
bytes
content-length
14720
aax.js
c.aaxads.com/ 		368 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAX428WDR&hst=www.washingtontimes.com&ver=1.2
Requested by
Host: absorbingband.com
URL: https://absorbingband.com/v2/0/mpgojj9okZ_PK5RI-vjl1MO6LRJveNXviP_MxooIfCpxH3OCglgZD0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.153 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fb45ceaaf3d076bd6133fb3a5728b6902bc0499104ab432f316d71a1d7e0e4e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Sun, 07 Mar 2021 02:23:05 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Sun, 07 Mar 2021 02:53:05 GMT
cx.cce.js
cdn.cxense.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9b18e7bfca8064c887385c5cf57bdbcb6f7d263d0fb9cb320d94bc1f82a62a7c

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Feb 2021 15:28:34 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5903
Expires
Sun, 07 Mar 2021 03:23:05 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7CC1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
adab1e55d321a65d4cc1abde330164c08c91229115cedb201979279136212941

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 14:48:18 GMT
server
AkamaiNetStorage
etag
"334ff8070b2bf55584902b19bda82fb2:1614783561.777289"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
777
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2100160&ntv_pl=765919
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-247-206.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=d39bf3cc-799c-46a8-a6bb-84c7a0929aab&ntv_fl=h2P4HE7ZCUvEjDV_pMCVOCcDv-2NCFWSuzZyVMSKvXBKjAOG6IO8FXjcOwEddvjG&ntv_ht=CDlEYAA&ntv_at=303,302&ntv_a=AAAAAAAAAA368LA&ord=1615083785062&ntv_it
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-247-206.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=d39bf3cc-799c-46a8-a6bb-84c7a0929aab&ntv_fl=h2P4HE7ZCUvEjDV_pMCVOCcDv-2NCFWSuzZyVMSKvXBKjAOG6IO8FXjcOwEddvjG&ntv_ht=CDlEYAA&ntv_at=323&ntv_a=AAAAAAAAAA368LA&ntv_jtr=4&ntv_it
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-247-206.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=765919&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-247-206.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B402 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
adab1e55d321a65d4cc1abde330164c08c91229115cedb201979279136212941

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 14:48:18 GMT
server
AkamaiNetStorage
etag
"334ff8070b2bf55584902b19bda82fb2:1614783561.777289"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
777
beacon.js
sb.scorecardresearch.com/ Frame 1493 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Mon, 08 Mar 2021 02:23:05 GMT
/
trends.newsmaxwidget.com/api/delivery/ 		37 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/api/delivery/?w=167080&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&va=1&time=1615083785078&up=pc&bn=chrome&bv=89
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
7f7e1f11eb1bbb42db2f2dcb9e831116d92d5a69e38cd1241bdc6852a9392301
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
14445
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=c450c0e69d92d380ed2708d6626486dd_8110_1615083784862&tm=1112&eT=0&widgetWidth=879&widgetHeight=96&widgetX=187&widgetY=3506&tpcs=1&wRV=2000238&pVis=1&lsd=-1&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
X-TraceId
2f8bfb7d7cff4d79ed17cff2c08d73e8
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
get
odb.outbrain.com/utils/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&idx=2&rand=79618&key=NANOWDGT01&widgetJSId=AR_7&va=true&et=true&format=html&pdobuid=-1&t=MjYwMDAyYmQ5YmM4M2E3ZWM2MmFiMTdmYmI3MmNiMGM=&adblck=false&abwl=false&px=187&py=5241&vpd=4041&settings=true&recs=true&version=2000238&sig=acJNMv0w&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e97bf2da8af9bb5e5b6cd72ced4e7423d8b8d6ccd218c517dc9d4f554e09b8b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.31
x-cache-hits
0, 0
x-traceid
d015538997e1b6a78367b050e363cc8f
content-encoding
gzip
content-length
4896
x-served-by
cache-lga21931-LGA, cache-fra19151-FRA
x-timer
S1615083785.157525,VS0,VE246
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6ImRjNDgzMGViODZlOGMzYmY2NjM4YzRmZjY4ZmZiNTFkNTNlMjVkZTU5ODhmMGRiZDdjZjUxYzJmZjg1OTU3ZTIiLCJ3Ijo4NiwiaCI6ODYsImQiOjEuNSwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRjNDgzMGViODZlOGMzYmY2NjM4YzRmZjY4ZmZiNTFkNTNlMjVkZTU5ODhmMGRiZDdjZjUxYzJmZjg1OTU3ZTIiLCJ3Ijo4NiwiaCI6ODYsImQiOjEuNSwiY3MiOjAsImYiOjR9.webp
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b20394fb233b0e841738dd8193dbfdc8ea99822d35965ae861d1baa6a3c82b4a

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
cache-control
max-age=2462400
last-modified
Wed, 03 Mar 2021 09:01:57 GMT
x-traceid
e30d894e9562cb75cae1b0d6b6052db0
timing-allow-origin
*
content-length
3570
content-type
image/webp
verify
id.tinypass.com/id/api/v1/identity/token/ 		208 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery1124010795058771698907_1615083784878&client_id=hph4LAYuC6&site=https%3A%2F%2Fwww.washingtontimes.com&_=1615083784879
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0665034c0fbb106559df18f216304d5365e2e3a987457fef0a3bc0a0531dd0f6
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08ac17e3f40000073e79a32000000001
x-request-id
ChmukpqkUnq
pragma
no-cache
wn
prod-id-10-0-122-150
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials
true
server-time
0.004
cf-ray
62c05c198bd1073e-FRA
access-control-allow-headers
origin, content-type, accept, authorization
expires
Thu, 01 Jan 1970 00:00:00 GMT
Attt
ad.doubleclick.net/ddm/adj/Ajoqz/ 		11 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/Ajoqz/Attt
Requested by
Host: absorbingband.com
URL: https://absorbingband.com/v2/0/mpgojj9okZ_PK5RI-vjl1MO6LRJveNXviP_MxooIfCpxH3OCglgZD0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B25209449.293404736;dc_pre=CN3FuPqPne8CFevtuwgdK6kFFQ;dc_trk_aid=486880299;dc_trk_cid=144677242;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_co...
ad.doubleclick.net/ddm/trackimp/N1114924.1984505OUTBRAIN/ Frame 7CC1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1114924.1984505OUTBRAIN/B25209449.293404736;dc_trk_aid=486880299;dc_trk_cid=144677242;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
  • https://ad.doubleclick.net/ddm/trackimp/N1114924.1984505OUTBRAIN/B25209449.293404736;dc_pre=CN3FuPqPne8CFevtuwgdK6kFFQ;dc_trk_aid=486880299;dc_trk_cid=144677242;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=...
42 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1114924.1984505OUTBRAIN/B25209449.293404736;dc_pre=CN3FuPqPne8CFevtuwgdK6kFFQ;dc_trk_aid=486880299;dc_trk_cid=144677242;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?&obRequestId=tXjQ_-CsnM9Fe2OblyFRglIc0EetFS9vtbLofrA2AokRBK3YdXFrLF9ox8vrsVxN&obTimestamp=1615083784237
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1114924.1984505OUTBRAIN/B25209449.293404736;dc_pre=CN3FuPqPne8CFevtuwgdK6kFFQ;dc_trk_aid=486880299;dc_trk_cid=144677242;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?&obRequestId=tXjQ_-CsnM9Fe2OblyFRglIc0EetFS9vtbLofrA2AokRBK3YdXFrLF9ox8vrsVxN&obTimestamp=1615083784237
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.jpg
tps.doubleverify.com/ Frame B402 		305 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=1681949&cmp=25209449&sid=5395078&plc=293404736&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&&obRequestId=tXjQ_-CsnM9Fe2OblyFRglIc0EetFS9vtbLofrA2AokRBK3YdXFrLF9ox8vrsVxN&obTimestamp=1615083784237
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:04 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=0
Content-Length
142
Expires
3/6/2021 2:23:05 AM
b
sb.scorecardresearch.com/ Frame 1493 		0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=8110&cs_ucfr=1&ns__t=1615083785110&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D8110%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDK&c9=https%3A%2F%2Fwww.washingtontimes.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:05 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ 		111 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6ecec59b25967f1bdaa608b17605aec20f75a0f75ca9caaf178fa13f0d0cc3c9

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Mar 2021 12:14:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26762
Expires
Sun, 07 Mar 2021 03:23:05 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame DD10 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: absorbingband.com
URL: https://absorbingband.com/v2/0/mpgojj9okZ_PK5RI-vjl1MO6LRJveNXviP_MxooIfCpxH3OCglgZD0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Tue, 02 Mar 2021 22:43:10 GMT
expires
Wed, 02 Mar 2022 22:43:10 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
358795
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
execute
experience.tinypass.com/xbuilder/experience/ 		16 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/execute?aid=hph4LAYuC6
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b30d70ab6ab60c41964f3fa9f33808b917fef580c089f3b915d596141d0cf3e7
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08ac17e4870000073e7f3db000000001
x-request-id
ChmukpqIJlM
pragma
no-cache
wn
prod-exp-10-0-88-151
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
62c05c1a7c61073e-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
113 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarydwAzAiAq8piZBM69

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sun, 07 Mar 2021 02:23:05 GMT
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryjN5kaBWbeaC7md5z

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sun, 07 Mar 2021 02:23:05 GMT
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.washingtontimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.washingtontimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		372 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1511812957391225&correlator=4281718979944560&output=ldjh&impl=fifs&eid=44733568&vrg=2021030201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210307&iu_parts=5856%2CDesktop_InFeed1_Articles%2CDesktop_RR_Articles_Top%2CDesktop_RR_Articles_1%2CDesktop_RR_Articles_2%2CDesktop_RR_Articles_3%2CDesktop_RR_Articles_4%2CDesktop_InFeed_Articles_BTF%2Cwash.times%2Cbiden-administration-sides-with-cheerleader-in-fir&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3%2C0%2F4%2C0%2F5%2C0%2F6%2C0%2F7%2C%2F0%2F8%2F9&prev_iu_szs=728x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%7C300x1050%2C300x250%7C300x600%7C300x1050%2C300x250%7C300x600%7C300x1050%2C728x90%2C1x1&ists=1&prev_scp=site%3Dproduction%26cat%3Dpolitics%2Cpolitics%26tag%3Dsupreme%2520court%2Cdepartment%2520of%2520justice%26slug%3Dbiden-administration-sides-with-cheerleader-in-fir%26contenttype%3Dstory%26amznbid%3D2%26amznp%3D2%7Csite%3Dproduction%26cat%3Dpolitics%2Cpolitics%26tag%3Dsupreme%2520court%2Cdepartment%2520of%2520justice%26slug%3Dbiden-administration-sides-with-cheerleader-in-fir%26contenttype%3Dstory%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D1.00%26hb_adid%3D738d847540937d9%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D1.00%26hb_adid_rubicon%3D738d847540937d9%26hb_bidder_rubicon%3Drubicon%7Csite%3Dproduction%26cat%3Dpolitics%2Cpolitics%26tag%3Dsupreme%2520court%2Cdepartment%2520of%2520justice%26slug%3Dbiden-administration-sides-with-cheerleader-in-fir%26contenttype%3Dstory%26amznbid%3D2%26amznp%3D2%7Csite%3Dproduction%26cat%3Dpolitics%2Cpolitics%26tag%3Dsupreme%2520court%2Cdepartment%2520of%2520justice%26slug%3Dbiden-administration-sides-with-cheerleader-in-fir%26contenttype%3Dstory%26amznbid%3D2%26amznp%3D2%7Csite%3Dproduction%26cat%3Dpolitics%2Cpolitics%26tag%3Dsupreme%2520court%2Cdepartment%2520of%2520justice%26slug%3Dbiden-administration-sides-with-cheerleader-in-fir%26contenttype%3Dstory%26amznbid%3D2%26amznp%3D2%7Csite%3Dproduction%26cat%3Dpolitics%2Cpolitics%26tag%3Dsupreme%2520court%2Cdepartment%2520of%2520justice%26slug%3Dbiden-administration-sides-with-cheerleader-in-fir%26contenttype%3Dstory%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D1.00%26hb_adid%3D75d81877027e835%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D1.00%26hb_adid_rubicon%3D75d81877027e835%26hb_bidder_rubicon%3Drubicon%7Csite%3Dproduction%26cat%3Dpolitics%2Cpolitics%26tag%3Dsupreme%2520court%2Cdepartment%2520of%2520justice%26slug%3Dbiden-administration-sides-with-cheerleader-in-fir%26contenttype%3Dstory%26amznbid%3D2%26amznp%3D2%7Cpos%3Doop%26contenttype%3Dstory%26slug%3Dbiden-administration-sides-with-cheerleader-in-fir%26cat%3Dpolitics%2Cpolitics&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1615083785&dt=1615083785414&dlt=1615083783245&idt=820&frm=20&biw=1600&bih=1200&oid=3&adxs=187%2C1098%2C1098%2C1098%2C1098%2C1098%2C436%2C0&adys=296%2C991%2C2047%2C2492%2C3358%2C3971%2C5419%2C0&adks=3986118909%2C15104738%2C3621914236%2C1445592008%2C3377208365%2C2956591803%2C581740282%2C1814301622&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1226x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C1600x-1%7C1600x272&msz=1226x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C1600x-1%7C1600x1&ga_vid=1418632457.1615083784&ga_sid=1615083785&ga_hid=1873602385&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2c966bcad6807c88428e08bb9a3af745fb55bfced638d00d5ca7598009937e8d
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COzPxPqPne8CFUq9dwodZLwPEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/11115701456514206122/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPLPxPqPne8CFUq9dwodZLwPEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7416904685967114240/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDPxPqPne8CFUq9dwodZLwPEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6971243240602723390/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO_PxPqPne8CFUq9dwodZLwPEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/17238692523308744704/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COzPxPqPne8CFUq9dwodZLwPEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/11115701456514206122/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPLPxPqPne8CFUq9dwodZLwPEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7416904685967114240/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDPxPqPne8CFUq9dwodZLwPEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6971243240602723390/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO_PxPqPne8CFUq9dwodZLwPEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/17238692523308744704/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
google-creative-id
-1,138245233500,-1,-1,-1,138245232564,-1,138299581776
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64298
x-xss-protection
0
google-lineitem-id
-1,4808885401,-1,-1,-1,4808885401,-1,5262456918
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Sun, 07 Mar 2021 02:23:05 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.washingtontimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Cookie set a-01en
i.liadm.com/s/c/ Frame CAF8 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01en?s=&cim=&ps=true&ls=true&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.51.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-51-83.compute-1.amazonaws.com
Software
/
Resource Hash
1d4363cb3a69289032e814e14f8cd3d035fcb44c457b21dae15c772d3beae374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
i.liadm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lidid=20330a1b-6525-4f3a-bb3e-d1566a2846de
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Cache-Control
private, no-cache, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Mar 2021 02:23:06 GMT
ETag
1.61803398874
Set-Cookie
_li_ss=MgUIBhDzDjIFCAoQ8w4yBQh6EPIOMgYIiwEQ8w4yBQgLEPMOMgUICxDzDjIFCHkQ8g4; Max-Age=2592000; Expires=Tue, 06 Apr 2021 02:23:06 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Content-Length
638
Connection
keep-alive
script.js
d1bvk193qme2fc.cloudfront.net/ 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bvk193qme2fc.cloudfront.net/script.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9400:19:f03c:7200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
027cdd160b8cd7846376309f6a3f089087d4da7d1fe894dbfb41a7ca682420df

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:21:59 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 16:23:33 GMT
server
AmazonS3
age
69
etag
W/"29a74dafc784a65c2d82f355f88118a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
AfcTf2etD6piLnAWjFlYwGFrNIzQ08efwKOg0O5DwKRhZGiRMoQKrw==
impression
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/impression
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.washingtontimes.com
date
Sun, 07 Mar 2021 02:23:06 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=93a36b71ca2961794480d3ff8df34e99_8110_1615083785350&tm=1483&eT=0&widgetWidth=879&widgetHeight=96&widgetX=187&widgetY=5357&wRV=2000238&pVis=1&lsd=-1&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
gzip
X-TraceId
56b84029ce3c3cd5ca9842ad561fa944
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.washingtontimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Sun, 07 Mar 2021 02:23:06 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
show
buy.tinypass.com/checkout/template/ Frame 350B 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3a5342d64afc4bd38dd51f29ec3ac0cb2ca54b7f996d9b0f08d84458985bc0
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Xss-Protection 0

Request headers

:method
GET
:authority
buy.tinypass.com
:scheme
https
:path
/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-type
text/html;charset=UTF-8
access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
no-cache
server-time
0.003
set-cookie
LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4dCHpYY3GFDFkp; SameSite=Lax; path=/; expires=Mon, 08-Mar-21 01:23:05 GMT; HttpOnly
strict-transport-security
max-age=60; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-120-108
x-forwarded-https
on
x-request-id
Chmukpq34JL
x-xss-protection
0
cf-cache-status
DYNAMIC
cf-request-id
08ac17e5680000073e3994f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62c05c1bdd50073e-FRA
content-encoding
br
sp1.html
scdn.cxense.com/ Frame 18CC 		328 B
589 B 		Document
General
Check archive.org
Download Go to
Full URL
https://scdn.cxense.com/sp1.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
80b61d2fc70eee642aed7435f362d8c68baa653a04e2d2d8cf351f5d6615cafc

Request headers

Host
scdn.cxense.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Accept-Ranges
bytes
Last-Modified
Wed, 29 Aug 2012 13:33:36 GMT
Server
AkamaiNetStorage
Content-Length
219
Cache-Control
max-age=864000
Expires
Wed, 17 Mar 2021 02:23:05 GMT
Date
Sun, 07 Mar 2021 02:23:05 GMT
Connection
keep-alive
Content-Type
text/html
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
/
ct.pinterest.com/md/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:05 GMT
referrer-policy
origin
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
0
x-pinterest-rid
3996428329642830
expires
Sat, 01 Jan 2000 00:00:00 GMT
6038cb6a6d21e4-97228583.jpeg
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/6038cb6a6d21e4-97228583.jpeg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
10eb41d427bfc520303ddd2030efa84b948af3148e19a2771ff4031a71d2b356
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-03-05T18:49:57.658Z;desc=hit,rtt;dur=1
content-length
20818
x-request-id
8cf16a7146c2ac300fad8e36f2242bfe
last-modified
Wed, 03 Mar 2021 16:21:30 GMT
server
Cloudinary
etag
"942c9c0c043edc701839266ad3d15741"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds003.sk1.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
6dcae0472b5615d10b0cff0d7fff759c.png
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/6dcae0472b5615d10b0cff0d7fff759c.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
56674d6046543e640ff4beae11f6a9a612c60956e4f06e4c81da95d01f6dc4b0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-03-01T22:03:43.067Z;desc=hit,rtt;dur=1
content-length
42977
last-modified
Mon, 01 Mar 2021 22:02:03 GMT
server
Cloudinary
etag
"816ec29d5866081e045b202701fc8ce8"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds058.sk1.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5f3d542c56d5b8-06589581.jpg
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/5f3d542c56d5b8-06589581.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
73a6f3e8289d47f50cade01fe5ec478922b9e3a615f615525739b0862821a8cd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-03-01T22:03:43.054Z;desc=hit,rtt;dur=1
content-length
10164
last-modified
Mon, 01 Mar 2021 22:01:59 GMT
server
Cloudinary
etag
"8cc5befefeab23d6af32ec0580850a57"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds220.sk1.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5fd408e4a6c062-00078348.gif
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/5fd408e4a6c062-00078348.gif
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3e57440bf2180995422b9bda646ee287036081f59b8139370143d98409d16b6a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-03-01T22:51:50.063Z;desc=hit,rtt;dur=0
content-length
45891
last-modified
Mon, 01 Mar 2021 22:02:27 GMT
server
Cloudinary
etag
"bab50dfa99bb3ce8ca8132abde0ac903"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds026.sk1.c
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5ec6704ceadd97-70821404.jpg
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/5ec6704ceadd97-70821404.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
4adc948e810968e073c6cbd8e9c5d8161194b859524e54bfaba278a676f7d30f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=131;cpu=1;start=2021-03-01T22:14:48.436Z;desc=miss,rtt;dur=0,cloudinary;dur=38;start=2021-03-01T22:14:48.485Z
content-length
12034
last-modified
Mon, 01 Mar 2021 22:02:41 GMT
server
Cloudinary
etag
"364074549dfcc0e3f9e6715d44c4e5cf"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds053.sk1.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
68e4db568296e2149cd9335740792bc9.jpg
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/68e4db568296e2149cd9335740792bc9.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
e898be9760094910e11bbca4975c2bf4488a85b484d7995998612a5a497cf676
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-03-01T22:06:37.013Z;desc=hit,rtt;dur=1
content-length
43082
last-modified
Mon, 01 Mar 2021 22:02:25 GMT
server
Cloudinary
etag
"f23b2aee6c821216eadda702d4976a12"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds057.sk1.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
e17c02423185e9103f03f8ac4f159b0d.jpg
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/e17c02423185e9103f03f8ac4f159b0d.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
dc921297fedbb9b57738b8232395f4abd11b0b6075c2de8c56784bad09151786
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-03-02T07:20:51.870Z;desc=hit,rtt;dur=0
content-length
41379
x-request-id
46f53e161794c8b6aa2edec27a55d55e
last-modified
Mon, 12 Oct 2020 18:15:00 GMT
server
Cloudinary
etag
"96c81b2afb3a3928b0f38f737e6e95b3"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds023.sk1.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
e9294a3b489d65e7f2317e4a5639be1f.jpg
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/e9294a3b489d65e7f2317e4a5639be1f.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
b53e03421cd79a7fe3d896ee7b78076a23580d79414a8b151b22f913cd1ed411
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-03-01T22:46:19.142Z;desc=hit,rtt;dur=0
content-length
43873
x-request-id
65315b46cf0115f5f895aa6bed6351c9
last-modified
Mon, 12 Oct 2020 18:14:10 GMT
server
Cloudinary
etag
"3e4a2a6174996afc8e3b3c29164afac1"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds048.sk1.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cx.js
scdn.cxense.com/ Frame 18CC 		111 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scdn.cxense.com/cx.js
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6ecec59b25967f1bdaa608b17605aec20f75a0f75ca9caaf178fa13f0d0cc3c9

Request headers

Referer
https://scdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Mar 2021 12:14:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26762
Expires
Sun, 07 Mar 2021 03:23:05 GMT
p1.js
sp1cluster.cxense.com/ Frame 18CC 		47 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sp1cluster.cxense.com/p1.js
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.80.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
e836ad6982ae2403bb0949a4a8282c23c026e58dc41258c62e115d2da11ef422

Request headers

Referer
https://scdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
last-modified
Mon, 07 Sep 2020 02:23:05 GMT
server
Jetty(9.4.28.v20200408)
etag
3va04hcjkdp7h30jtrjzmqc12t
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
private, proxy-revalidate
content-type
text/javascript;charset=utf-8
content-length
47
expires
Mon, 07 Mar 2022 02:23:05 GMT
3060a390499ce8b97164302de6a5b6a7.jpeg
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/3060a390499ce8b97164302de6a5b6a7.jpeg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c19c17717e0a355b639e72b32e2117916ce787672b84d757e572cd2157a0003f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-03-07T02:23:06.881Z;desc=hit,rtt;dur=1
content-length
38957
last-modified
Sun, 07 Mar 2021 01:54:18 GMT
server
Cloudinary
etag
"fc4886f51e032e09e9b149958f72f367"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds014.sk1.sc,1615083786.cds014.sk1.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
60384240e8ebf2-85882311.png
images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/60384240e8ebf2-85882311.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d5148671ed403209f418e0b736904fcb71612a702c5d08006f27422dd16b2e93
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-03-01T22:06:36.804Z;desc=hit,rtt;dur=1
content-length
35311
last-modified
Mon, 01 Mar 2021 22:02:10 GMT
server
Cloudinary
etag
"7c3dcfec8d871e492a3022800039ed18"
vary
Save-Data
x-hw
1615083786.cds029.sk1.hn,1615083786.cds067.sk1.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
analyticstrain.min.js
cdn.boomtrain.com/analyticstrain/washington-times/ 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/analyticstrain/washington-times/analyticstrain.min.js?_=1615083785744
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88ac7402288fb99657bb2aa25bc8898eb867a347759b592194df8dcead77ad63

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Sun, 07 Mar 2021 02:23:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 02 Mar 2021 05:05:46 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ZAG50-C1
ETag
W/"3ff7acd5812833fc1409869c6ad64214"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 a65cc3f0f56427b7099c895c026d63f0.cloudfront.net (CloudFront)
Cache-Control
public, max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
DnSU1DoJgoJBoZWFwCydXXOgrEJsrDN0Pv8c8qu2_msFvDNwqfgn_Q==
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 350B 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01745476fa67ef15daf1d7cae8abfc2915ea63f772b45d62d8dbb3aad4e3283e
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
3907
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08ac17e6280000073e0db61000000001
wn
prod-dash-10-200-3-186
last-modified
Sat, 06 Mar 2021 13:42:16 GMT
server
cloudflare
etag
W/"27158-1615038136000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
62c05c1d0e30073e-FRA
expires
Sun, 07 Mar 2021 04:23:05 GMT
loadTranslationMap
buy.tinypass.com/checkout/general/ Frame 350B 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/general/loadTranslationMap?aid=hph4LAYuC6&version=1542299356000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e99a50bbc1d9a3fa157c312f7bf0732452a7f38b23c37363c830527def5f76d
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
454
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08ac17e6280000073efab50000000001
x-request-id
Cv9ukpqY0A2
pragma
wn
prod-dash-10-0-143-243
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400
cf-ray
62c05c1d0e31073e-FRA
expires
Mon, 08 Mar 2021 02:23:05 GMT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 350B 		45 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.102.3
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df28da188fe7239191da0339300eca239e48b5ac70209f68a90eba74a7e7013f
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
54316
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08ac17e6280000073e65865000000001
wn
prod-dash-10-0-93-226
last-modified
Sat, 06 Mar 2021 13:42:16 GMT
server
cloudflare
etag
W/"46069-1615038136000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400
cf-ray
62c05c1d0e32073e-FRA
expires
Mon, 08 Mar 2021 02:23:05 GMT
angular-locale_en-us.js
buy.tinypass.com/_sam/widget/dist/template/js/template.bundle,/libs/angular-1.2.22/i18n/ Frame 350B 		355 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/widget/dist/template/js/template.bundle,/libs/angular-1.2.22/i18n/angular-locale_en-us.js?v=12.102.3
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164346316ca3ee6a3d7b0f85cf2c2afb022c2642a107fbac67851cee49ab820b
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
54314
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08ac17e6290000073e04a57000000001
wn
prod-dash-10-0-116-5
last-modified
Sat, 06 Mar 2021 13:52:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=550486
x-optimized-by
_sam
cf-ray
62c05c1d0e33073e-FRA
expires
Sat, 13 Mar 2021 11:17:51 GMT
twt-arrow-down.svg
i.piano.io/managedservices/the-washington-times/ Frame 350B 		229 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.piano.io/managedservices/the-washington-times/twt-arrow-down.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448891304e15f4a4b07cca00f13552fa1b9d0d7815389794d9fd506f3ba48b47

Request headers

Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
via
1.1 78ddfb54ad788c32ecf2935db37685b8.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
2705
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17e6e900002be9a6b38000000001
last-modified
Fri, 23 Aug 2019 16:07:02 GMT
server
cloudflare
etag
W/"b0bf084613eb0e0e7fe2db4e8bc3376d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-cf-pop
LHR62-C4
cf-ray
62c05c1e48222be9-FRA
x-amz-cf-id
7idmB_zvRUvXKvt_fqh6KKx46Shv8zvEXL5zEGAcHFSbb9jSW-6UDQ==
expires
Sun, 07 Mar 2021 06:23:05 GMT
twt-logo-w-white.svg
i.piano.io/managedservices/the-washington-times/ Frame 350B 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.piano.io/managedservices/the-washington-times/twt-logo-w-white.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b04729edd9eee58f0026b7123ebaa0c4578d517f858fcc4fb83946e4aa7f05b7

Request headers

Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
via
1.1 23f61cf92a98db6b426338b85a31b05f.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
2705
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17e6e900002be950b6d000000001
last-modified
Mon, 26 Aug 2019 01:49:23 GMT
server
cloudflare
etag
W/"834261379ab52bd5b430a953c5b7c9f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-cf-pop
LHR62-C4
cf-ray
62c05c1e48232be9-FRA
x-amz-cf-id
GPX2AVrb-lRlInI1Lx_KLr0NRXzXLysE_RdXPBcZj86hQq8hvOPx8Q==
expires
Sun, 07 Mar 2021 06:23:05 GMT
twt-logo-full-white.svg
i.piano.io/managedservices/the-washington-times/ Frame 350B 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.piano.io/managedservices/the-washington-times/twt-logo-full-white.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34de1fb33befdece9970a71e9429a611d3630a1a4f898feb743c0142c12de4e1

Request headers

Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
via
1.1 18c469438a584a68404b09c7cb7860cf.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
2705
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ac17e6e900002be994b3b000000001
last-modified
Fri, 03 Aug 2018 12:48:50 GMT
server
cloudflare
etag
W/"b1fd54d00e7dc0b9f5188a5aa7a01312"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-cf-pop
LHR62-C4
cf-ray
62c05c1e48252be9-FRA
x-amz-cf-id
nsH_p6TN-YrJZOe2rXe5lmtD1KhvD9erKdgjwH_-iL1L2DTvGAMDww==
expires
Sun, 07 Mar 2021 06:23:05 GMT
css
fonts.googleapis.com/ Frame 350B 		2 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a27e5a5f0470651ddf2e2b0f7ac3fb37861c0fac9daf7f4bbeff6c73a40c8892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 01:54:18 GMT
server
ESF
date
Sun, 07 Mar 2021 02:23:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 02:23:05 GMT
css
fonts.googleapis.com/ Frame 350B 		9 KB
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.piano-fixed-footer-one&templateId=OTWXSFR033WX&templateVariantId=OTVSRZC5AY0F9&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW_CIBRA_wvPNYEKXctbZzRx2ZxTo61vSLFlrZRQ8GPL_vuwc1vk7eack1zuJ2CyABRUusLPae5GEQiAZqVYS3GaXkndXN6jNhlWzPL4ghPPxVkLI4XiojfG2dMsTqdTkqze7uj4LLizslW9hmJIKtJCWw6gf6GDbG-iwtRtVB9CmxTGcXjXp_wv7qr2tBIH3TAr8pf5fJui6HE7SzD2RcW6XwaoNU4EwN7mPn5dbbLlZAGHw00G_tmaGcmUvSnr5WI7ImkOJ9cvcnbQTJaqA1S5pgnAUXbyRz0ObifBetfulP0g3pfak5BBRPE-pigJKcEIUxp65jph0lIo65XixK8b2AZQFCGCHiCKydc3bfr5UYYBAAA&experienceId=EXJN8AII59TQ&activeMeters=%5B%7B%22meterName%22%3A%22twt_meter_subs%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A3%2C%22maxViews%22%3A4%2C%22totalViews%22%3A1%7D%5D&widget=offer&tbc=%7Bjzx%7DoniGMPS_EJvIpbnraPMD-1vlzUjvSIDwtrsObLVGZ9OamHAhPakh9n55u4-QMaacwNjppuPrY2eJKihzLFl-dw&iframeId=offer-0-Vlp80&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=hph4LAYuC6&tags=Politics&contentSection=News&contentAuthor=Alex+Swoyer&zone=Web&pageViewId=klyj6o93hatc8y49&visitId=v-klyj6o94pbobntz5&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=02f8e23d87
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ed154a0995f9a5597ccb3c567815c1222b7dd07843f761f700b9a9eb8cd3250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 01:23:58 GMT
server
ESF
date
Sun, 07 Mar 2021 02:23:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 02:23:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B35D 		140 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50479
x-xss-protection
0
server
cafe
etag
13215137272821469477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 07 Mar 2021 02:23:06 GMT
pxusr.gif
c.aaxads.com/ 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.153 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=179999
accept-ranges
bytes
content-length
43
expires
Tue, 09 Mar 2021 04:23:04 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:06 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=733140
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 15 Mar 2021 14:02:06 GMT
rep.gif
scomcluster.cxense.com/Repo/ Frame 18CC 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=klyj6o93hatc8y49&acc=0&sid=1139713072749780180&loc=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&gol=&pgn=&new=0&arf=0&ltm=1615083785356&ref=&tzo=-60&res=1600x1200&dpr=1&col=24&jav=0&bln=en-US&chs=UTF-8&cks=klyj6oq33cyoja1b&ckp=klyj6o9d3b1rh874&glb=&wsz=1600x1200&cp_userState=anon&cp_ver=2.40&cp_testGroup=31&fls=0&flv=&cst=3va04hcjkdp7h30jtrjzmqc12t
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.80.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://scdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 350B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:05 GMT
cf-cache-status
HIT
age
3906
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
strict-transport-security
max-age=60; includeSubDomains
content-length
2177
cf-request-id
08ac17e6f60000073e1222b000000001
wn
prod-dash-10-0-80-25
last-modified
Sat, 06 Mar 2021 13:53:20 GMT
server
cloudflare
etag
W/"2177-1615038800000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
62c05c1e5f01073e-FRA
expires
Sun, 07 Mar 2021 04:23:05 GMT
truncated
/ Frame 350B 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bccdc8953ce959207d04786b26d6aa28467edaa77d3bf484587ec2c2ff02930

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 350B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://buy.tinypass.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
461253
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:15:32 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 350B 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://buy.tinypass.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
221194
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:31 GMT
container.html
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7FB9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 07 Mar 2021 02:23:05 GMT
expires
Mon, 07 Mar 2022 02:23:05 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame B31B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzsgagki5G5THvv6etMoaukmt04uVNgcpiQQjlb4GfrYWe3z4QDrFZQICmrt81U11Cs2rQqHe9BO5epGh4GtpjQJTdX29IZwsTU2siN5qNoS80p9oNmpGfxramy2tOWM437xtPA2fYT6JvaWvLcR9aJKyjciF8TcWki-BOwDXvCCv10G717WLX1gf9mfJ9GH1Zc3Y59yBlcMV7Qra5QUjB_1WjJ81k4LCDnGgWHWs_MtaqxBBLGxDZ8edYBw3BN9f8_1fSh7XckPVTaQqGTMHoV0299uMTsk9rXClQDeWNiw8ZifE2QLdNNvUgKw-qCcX0JQWEBI4&sig=Cg0ArKJSzEfGd70fjYKjEAE&urlfix=1&adurl=
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame B31B 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e17ba7f7adef76f755128e7a9fa4d16b2eeade4408de77e87d31456d38aa515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
21862
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
8623
etag
W/"6568-1ngjDPyuAAmZwhNLatux85Ckam0"
x-served-by
cache-fra19120-FRA
date
Sun, 07 Mar 2021 02:23:06 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B31B 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:06 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 8CE9 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219592
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 8CE9 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219592
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 8CE9 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219592
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 8CE9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219592
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 8CE9 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219592
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
truncated
/ Frame 8CE9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1471958cfc76b91ab2f44dbf63d61ec73aff1883bcaa387d83f160d31edc9b8

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
13385905894540475335
tpc.googlesyndication.com/simgad/ Frame 8CE9 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13385905894540475335?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlYZziepSwqdlMTVvnEARfjmZxsCQ
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122df083771f07f5562ce2b55bac813ca2eed2cafe63eacb86053f8b286dbf20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 11:14:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 02:31:30 GMT
server
sffe
age
313729
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44375
x-xss-protection
0
expires
Thu, 03 Mar 2022 11:14:17 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8CE9 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
64809
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 07 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8CE9 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
10695
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 07 Mar 2021 23:24:51 GMT
l
www.google.com/ads/measurement/ Frame 8CE9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNEYpKpE7L8X3Oh1oCkldp1Jckxi_bhTGKGczGKW7z-ZKa0kD61OnY9kwPB96CgvotCf-HJsx2nYGidlK41KZucWY7Ow
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 8CE9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CC4BuCTlEYK6nHsr63gPk-L6AAbOfi99hjLSo8LUNChABIICW7xBg0YG5gtAHoAGHg7_3A8gBAuACAKgDAcgDCKoEzgJP0NIDAi0JAoPpA4WfCiv0fRzRv3oIuD51OvuTFa6IJwoy6961PNxKAE4sxPAJxnpalHLo1kmFQu_FVkCawNk4B9NnJnngBbg1-3H9wI8QzrzuvkcUYxXBtQkpszASW-d9aX7PPtE8fJdsd9MHopJSm3PI913GRoNhvgg6jpj5of3bDPVECDv0QskD6Xad1rdLqH2In0AuzXEkHeQqR7NGjKSAmpy3tw32lAsrZDsEObYdMiv78CKXMwfb_VT5Nx3iLrqpJ89wl9bNJhtTKQhO4mZtERt9lPC1H4R2vE_QbN7qCZXla7BqsXYn_VrkgRQmYxJNT3dXlTwLLS_O_JC-ABhBbTdiQQfz6aheHMpSRWuC8-IdzpxydpBJFEEsP_6aK2h7ompqnLxd2CyPeYRR846SgGKsELbpxm6wmmJ32C0PZNSU-GjPTSNPYEwMwAT45ZrFwgPgBAGSBQQIBBgBkgUECAUYBKAGAoAHq6KhI6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDO3gXSCAkIgOGAEBABGB2ACgPICwHYEwyyFxoKGAgAEhRwdWItMDcxNzQ2OTM2ODQwNjI3Ng&sigh=KvbYQdSb5DI&tpd=AGWhJmutR9zCPkSZ6Sy4fYaja6EFFyX0N5asgJ8EOwStD1g_8A
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:06 GMT
generic
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.washingtontimes.com
date
Sun, 07 Mar 2021 02:23:06 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.washingtontimes.com
date
Sun, 07 Mar 2021 02:23:06 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
container.html
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D3D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 07 Mar 2021 02:23:05 GMT
expires
Mon, 07 Mar 2022 02:23:05 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame CCF7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 07 Mar 2021 02:23:05 GMT
expires
Mon, 07 Mar 2022 02:23:05 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame A001 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm0yRWcxu8gOOVaX0LUeB7hB_1jHf990MhNsgd8JzXOqdiv8Z6Rk0BsQstTcsR4xxC8pquZIjePzqbjsIyw57wrenbae1qKgu7pKrN0mOd0fBLX90BmR8gv055P6ZvoQhiusS1wEBx-jpxdFKWhT5OApZbDQrCAhSu5CTnENm620FRwd5YLLyjyt7UWZOFKak9zPj0tIKJpGYKOI06XcNWqKxLWUMkv-ppgnTIOeBYwTRljUKrHRpDg3yIoJAbvL_ZZE31w4ET31ubYtnVpvJWSj78bROOG537t0RSdfC2q9G2LD6XyPNBkcksHyYuAE_YWHrk&sig=Cg0ArKJSzEsF0tdr6Ak9EAE&urlfix=1&adurl=
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame A001 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e17ba7f7adef76f755128e7a9fa4d16b2eeade4408de77e87d31456d38aa515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
21862
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
8623
etag
W/"6568-1ngjDPyuAAmZwhNLatux85Ckam0"
x-served-by
cache-fra19120-FRA
date
Sun, 07 Mar 2021 02:23:06 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A001 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:06 GMT
container.html
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7320 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 07 Mar 2021 02:23:05 GMT
expires
Mon, 07 Mar 2022 02:23:05 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ajs.js
cdn.undertone.com/js/ Frame 93EB 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/ajs.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
099cab8513e9629e5817e2c50f9aacd16eaed375b0b25dd832ca1ac1c5fd9ea2

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 05:59:19 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 07:49:36 GMT
server
AmazonS3
age
73428
etag
W/"fbbd41418681e5edc1f97e294d92a7de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
PNfY4OOFcWgn4BdKYraT4pHcvB4tV9d06HM1G60rVXqglx_x2E65Zw==
view
securepubads.g.doubleclick.net/pcs/ Frame 93EB 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPzTIZ_1Iqn46pY60oS5xfPCT4RICejqB9flcil7n49kZ2XXwI9CdwAHxulqhKqBVUGQ-4YytPch85w-KoPc33MV0-pv0GAAug1plmhZuAu2RD0JeF96X_YWiOHrTj0PzBFjnKXU3etivrb3eykBO8bpaEcJQfMgcRwQhqH3EbjGR6mECQ6Oq_IbxjESoOtgmz26ZdNWkWo7qp5KUNj0wlrRop6R6otUAD4JyDc55OnjoPgu-vBZq9mD7AzzeVhoQ1PPiyiAW47gYK3MpB0otYFstVjyDO9VYsDyiP1x2X23JlOhRVZ2HsuLTXTeW_gimL0iG7yVhC2m7aI5H2oldG3GjbbjpjhyYkCZlMl2t8aZtIuiYdIvzwku45TAnyDzSbkuADLgX4E9fTRxULCU88aOjOFipMdr7v2DhwvuSjbaETJkeZbNM&sig=Cg0ArKJSzHgdOeZk5RcXEAE&urlfix=1&adurl=
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
track.adform.net/adfscript/ Frame B31B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=44434947;rtbwp=F106B4406F3F233C;rtbdata=xcYom1FpZtozPh0k694Po9C_1k0ml3S_R7NrZQZh6JNIKvsZzaznGFr7-nj8p5bPJ9CfDa4srA4fBMgtV1PlxBVcD0W-8GHAitJHe8e7Dkd1XfMTbcHPiEGS-kLr1ty_ikSyMY6XAlxZt32vH3IQBoMrcMkKkkYbO1F62221DuQ9Id7XJ9VTqYfTpIhlqVsR2aaKhbTjS28hQvvS7f4WVPh3L-1N1iz8DEGKMIZOSFs6Cu-5kMGwcb6y2WV_jSKrUmn8rMT0v2QuGwA7fIsnyDd1_BAMovLAkfxBKIMk7xZxU_2AOvuvJew76O5yC7IfqSxJcEuWXup8xpnl9RdNOcm3EGCRVYs5jvBPiM3ZqtRxilprU64grZUF1SiFc_Bs_2dExpcKNQSTfpAen42MxUk7qAnQa3L0QeEimShqzcc1;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/5075a467-8bca-40fd-a2af-aaaff5608370/
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
18c0cb0ebf743477f9e97d6295da8220ae3aba001de8c452f31199cf52e785f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:06 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1082
expires
-1
5075a467-8bca-40fd-a2af-aaaff5608370
beacon-fra2-v4.rubiconproject.com/beacon/d/ Frame B31B 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2-v4.rubiconproject.com/beacon/d/5075a467-8bca-40fd-a2af-aaaff5608370?oo=0&accountId=10468&siteId=245008&zoneId=1387542&sizeId=10&e=6A1E40E384DA563BDB74D6067C280BDE1785A556AAFF493C1326B6DEE4B724D5E1B4937DD0AB500B90C5EB3483A9255D6D748C0D8D7FAA229292EF06855C4E1B9FC7BCA329BAE8FEDFA9997ACEFF5F76B8C50D48197AA2A2FD904E427C75F231721920998DDB531D883A09B6CF5CF1428647C557E0D9258E3D7E9C6D48E4C3F32884FAB6B3CF8B0321F3746B0B42ADFE14E1CF13EF6C13C1B348525DA57853BD3C0FCB37C0B942B8B6F56B2A2B78EC292B3D8DA146A638D53DAA8BBF7E75851ACDA10306204D320B
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:06 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
resolve
people.api.boomtrain.com/identify/ 		345 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=washington-times
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/washington-times/analyticstrain.min.js?_=1615083785744
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.223.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
c1be5187242d584a1095ead787704d919c85df2ae6af5fca2b90c32317e775ee

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
345
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dewh=SSP_CLIENT_gcp_eweu&dgeg=0&dgw=desktop&flg=AAX428WDR&fw=COPENHAGEN&ff=DK&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=washingtontimes.com&vhuyqdph=rtb-nv-dcos-ssp-10-6-43-188-9601&vg=1&vyu=030511_205_030312_71_ssp&vf=&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001615083785808013824215048072&vvsDeExfnhw=CONTROL&qsd=0&oz=1&gdss=green&uwbsh=&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=1---&xifd=0&frssd_vwdwxv=&frssd_dssolhg=&jixqgo=1200&jwg=100&lqlg=&qjixqgo=1200&ugo=800&deg=2&gvwduw=31&ghqg=1081&sf=&uhtxuo=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&nzui=
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.153 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-153.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:06 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 07 Mar 2021 02:23:06 GMT
/
track.adform.net/adfscript/ Frame A001 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=44434947;rtbwp=F106B4406F3F233C;rtbdata=uU98TwP9qmaU9BaDPvhCmoPxcmFEHOEgTP7Tk5-rMBEjkyg-7xhfiSLY1CRg3mSOxoJw7-dssq1CZ5sZmb_3VoZmXHcqTZa6fyKYguAye6tTzFp66yJJmDCwd14AptqQikSyMY6XAlxZt32vH3IQBoMrcMkKkkYbO1F62221DuQ9Id7XJ9VTqYfTpIhlqVsR2aaKhbTjS28hQvvS7f4WVPh3L-1N1iz8DEGKMIZOSFs6Cu-5kMGwcb6y2WV_jSKrUmn8rMT0v2QuGwA7fIsnyDd1_BAMovLAkfxBKIMk7xZxU_2AOvuvJew76O5yC7IfqSxJcEuWXuqFozQixzTQAMm3EGCRVYs5jvBPiM3ZqtRxilprU64grZUF1SiFc_Bs_2dExpcKNQSTfpAen42Mxf9LZPiJ37-KQeEimShqzcc1;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/da06d350-26c1-46a2-af53-452da1a251b6/
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f3787bf19c91edf134c15d82598a16a697b94bbcb96351eb6c434e8ced57a881
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:06 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1083
expires
-1
da06d350-26c1-46a2-af53-452da1a251b6
beacon-fra2-v4.rubiconproject.com/beacon/d/ Frame A001 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2-v4.rubiconproject.com/beacon/d/da06d350-26c1-46a2-af53-452da1a251b6?oo=0&accountId=10468&siteId=245008&zoneId=1387496&sizeId=10&e=6A1E40E384DA563B81CD2F13F34AEFB0CC218C37485413CB71A9F9D20C89FACC6E1BA099087F8665742DD6BF00A2F9476D748C0D8D7FAA2248DA9CD22049125E9FC7BCA329BAE8FEDFA9997ACEFF5F76B8C50D48197AA2A2FD904E427C75F231721920998DDB531D883A09B6CF5CF1428647C557E0D9258EC0A12D8886661A0E5FB12FE3F5C1EC9B21F3746B0B42ADFE14E1CF13EF6C13C12E17948261C8EA092A09B1F6FFDBFEFC4086862029400A3A17D8B37FA0C225A189C5EFEA303EBF52CDA10306204D320B
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:06 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/ Frame 0CD3 		22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ad14cc5d0aa5fdccdb847e2644c0dc97dc1e0446ccf6f3900b928c2a6016ca6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/11115701456514206122/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 04 Mar 2021 08:43:52 GMT
expires
Fri, 04 Mar 2022 08:43:52 GMT
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
3963
age
236355
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 7646 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkQ1wCTlEYKynHsr63gPk-L6AAanMmbhcz52P9MkLloLNhYgWEAEggJbvEGDRgbmC0AegAfGP284DyAEJqQJz6XqkXn-FPuACAKgDAcgDCKoE1QJP0B5VdDf-BOjZqd37aIYQgvbNopllQvtUiL-Qy2E-Eht2JEasYd5lchsLFJlE9nzUwPqCKBoJ4um1mxSi5_UniUbLv5B-4G8d3I1IxRyQC1oRQ8jQGbSaryVyWdop7ZSa34DLqeywfoxpOFC8kKQ2q_EfDsQZlDHcQrOqcLWaDjB1LffGgWhgcRFjjuSJpBMHJYCT0NzN0ho4RTKZpeVXkdCy2_cCIVSqcuVNlIn8DTXedA8kXAXf6ZcXkZP30EfVfZVAFVIjN7Q5WJoWVFV9bhNFfSHVR_AiHr0ieEP5dArRdZzIWFpfF-A4h32SWtxU0a8sfXvLjW8vupjgLDNcuz9L6u6krP07vpH3Jehz9lWtP0PiFWnPhO1c7PjWCSL4g2nWgx_vBJENQB1xUm5M4rcKjoZDVjsF1Z5-8Z3hNj5AUD3S0irc96sOCS1xTgMiSfw_48AE0O6c64gD4AQBkgUECAQYAZIFBAgFGASgBi6AB_fvpDGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQvtEn0ggJCIDhgBAQARgdgAoDyAsB2BMNshcaChgIABIUcHViLTA3MTc0NjkzNjg0MDYyNzY&sigh=qY1d9fHeGCs&template_id=419&tpd=AGWhJms3vCcJolEGTM96jr_72OwlMQyj_-lwFES52GZyfsor-A
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 7646 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 01:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 01:20:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 7646 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 02:19:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7646 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 7646 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 02:02:35 GMT
l
www.google.com/ads/measurement/ Frame 7646 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRf6Tf7QbRnzDIjq9DC9NvRz7yq8wM7aJJSGGpQZ31iZFYOPg1ci2JH8tYKcW0RImlt_BgitupXtEqkBSZ6M5_PSJDkmQ
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ Frame B35D 		227 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9595286865800821&plah=www.washingtontimes.com&amaexp=1
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Mar 2021 02:23:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame F2EA 		11 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210303/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 06 Mar 2021 21:27:47 GMT
expires
Sat, 20 Mar 2021 21:27:47 GMT
content-type
text/html; charset=UTF-8
etag
14371272352318978350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
5136
x-xss-protection
0
age
17720
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e1e8ed17237646a5b7776f6c1cde153e
i.liadm.com/s/e/a-01en/0/ Frame CAF8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01en%2F0%2Fe1e8ed17237646a5b7776f6c1cde153e%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&20330a1b-6525-4f3a-bb3e-d15...
  • https://i.liadm.com/s/e/a-01en/0/e1e8ed17237646a5b7776f6c1cde153e?mpid=7156&muid=947b6044-390a-4800-803f-30e22cd69a94
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-01en/0/e1e8ed17237646a5b7776f6c1cde153e?mpid=7156&muid=947b6044-390a-4800-803f-30e22cd69a94
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01en?s=&cim=&ps=true&ls=true&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.51.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-51-83.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:07 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Sun, 07 Mar 2021 02:23:07 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/a-01en/0/e1e8ed17237646a5b7776f6c1cde153e?mpid=7156&muid=947b6044-390a-4800-803f-30e22cd69a94
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 07 Mar 2021 02:23:06 GMT
35759
i6.liadm.com/s/ Frame CAF8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e1d875cd-72bc-4fe9-8414-488e29ed2798
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e1d875cd-72bc-4fe9-8414-488e29ed2798
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e1d875cd-72bc-4fe9-8414-488e29ed2798
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01en?s=&cim=&ps=true&ls=true&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:444a:4680:1ed9:60e9:aafd:7d9f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:08 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e1d875cd-72bc-4fe9-8414-488e29ed2798
Date
Sun, 07 Mar 2021 02:23:07 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
e1e8ed17237646a5b7776f6c1cde153e
i.liadm.com/s/e/a-01en/0/ Frame CAF8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=20330a1b-6525-4f3a-bb3e-d1566a2846de&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01en%2F0%2Fe1e8ed17237646a5b7776f6c1cde153e%3Fmpid%3D82775%26muid%3D%2...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=20330a1b-6525-4f3a-bb3e-d1566a2846de&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01en%2F0%2Fe1e8ed17237646a5b7776f6c1cde153e%3Fmp...
  • https://i.liadm.com/s/e/a-01en/0/e1e8ed17237646a5b7776f6c1cde153e?mpid=82775&muid=43916833738364859912040690386094620844
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-01en/0/e1e8ed17237646a5b7776f6c1cde153e?mpid=82775&muid=43916833738364859912040690386094620844
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01en?s=&cim=&ps=true&ls=true&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.51.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-51-83.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:07 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
HrG2r6lrTXY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-01en/0/e1e8ed17237646a5b7776f6c1cde153e?mpid=82775&muid=43916833738364859912040690386094620844
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame CAF8
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=20330a1b-6525-4f3a-bb3e-d1566a2846de
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=20330a1b-6525-4f3a-bb3e-d1566a2846de&rd=Y
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=20330a1b-6525-4f3a-bb3e-d1566a2846de&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01en?s=&cim=&ps=true&ls=true&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-41-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:07 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 07 Mar 2021 02:23:07 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=20330a1b-6525-4f3a-bb3e-d1566a2846de&rd=Y
pragma
no-cache
date
Sun, 07 Mar 2021 02:23:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sun, 07 Mar 2021 02:23:07 GMT
52176
i.liadm.com/s/ Frame CAF8
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=20330a1b-6525-4f3a-bb3e-d1566a2846de&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=20330a1b-6525-4f3a-bb3e-d1566a2846de&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=0bb0d2bf-9b98-437f-ab1c-0e86342894db
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=0bb0d2bf-9b98-437f-ab1c-0e86342894db
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01en?s=&cim=&ps=true&ls=true&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.51.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-51-83.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:08 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

location
//i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=0bb0d2bf-9b98-437f-ab1c-0e86342894db
date
Sun, 07 Mar 2021 02:23:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adxcm.aspx
inv-nets.admixer.net/ Frame CAF8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=20330a1b-6525-4f3a-bb3e-d1566a2846de
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=20330a1b-6525-4f3a-bb3e-d1566a2846de
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dliveintent%26bsw_par...
0
0
/
trc.taboola.com/sg/liveintent/1/cm/ Frame CAF8 		43 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01en?s=&cim=&ps=true&ls=true&duid=326473a36fd7--01f057xj70ebrb6nd1sj6xac6a&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
57
pragma
no-cache
date
Sun, 07 Mar 2021 02:23:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1615083788.490257,VS0,VE57
x-served-by
cache-hhn11563-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8CE9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 07 Mar 2021 02:23:07 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
dj
ads.undertone.com/ Frame 93EB 		0
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.undertone.com/dj?&pid=37&domain=washingtontimes.com&tagid=1&fb=1&cb=51596767949&t=1615087387.183&fv=0&x=0&y=19&sw=1600&sh=1200&cw=1600&ch=1200&loc=https%3A//www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/&fr=1&env=201
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:f600:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:07 GMT
via
1.1 0d54c3ddc4e7347d45d33a921b50661f.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.washingtontimes.com/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
x-amz-cf-id
-nUKp1BN1uoxZPT9aRXIpdfY4UQbG8H_nmQJJ_MxvZbLzk_HzM01ig==
expires
Mon, 26 Jul 1997 05:00:00 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame B31B 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6e7dced3e80a11752f9080d37d182b7a018756cf2e128e74a503ec7d52160adf

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 16:00:38 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 08 Mar 2021 05:50:45 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/ Frame 6BD2 		64 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/index.html
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be791aa6dd6914fa06f07af1406eda02c721a769308a40d73e3ea987cb2b43e5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/17238692523308744704/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 02 Mar 2021 23:08:39 GMT
expires
Wed, 02 Mar 2022 23:08:39 GMT
last-modified
Mon, 15 Feb 2021 16:06:35 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
16682
age
357268
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame D3D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3Jm_CTlEYK-nHsr63gPk-L6AAenim79h-brRtKsNr4G649cCEAEggJbvEGDRgbmC0AegAcClsN8CyAEJqQJz6XqkXn-FPuACAKgDAcgDAqoE3QJP0LoYnUoFfyg-W3Q4I7lb-dzYEx6-pnm1SJZllQp56uARaaXrdTlKFRJ2cLKA8GF9vzGxHLsWY-wPYLnos2WPJRTARSxcpXVtDO_UMh0irk_NI3uwjUpPpJ8Wa2T9kYNpEAUoIl4LSuDZqv-LwqgSL1sUdjFC3CW8dmnKGyuE0fLxN7BqtyIrQByG7DV9BCONJ1ZwYHqdEBTdhZInXJgsx9OZBdgdKkPuH9e7Z7Gk5_V8Sqdv07JS-TrUbuyzUjCzkeUXN50TuvKLpx8KfzNnhGu4yDcCx1i7VZ7yT4mpDvHkEh0vvUjeijevIfbwgmqOXmNMx22S3LcLTHDiC2x3SZYZpHix0FClkG7QFOaW6D2NVGHL9ATsIuvf3NsmsHdWnLRX3Aj6t6-R43v9tWAxRQWpVaXYnCymvIR2-1ZSnbb2ZwRGA4A57U356SoEDl9AAZBsDlhufgFV3PzewASO_PyoxQPgBAGSBQQIBBgBkgUECAUYBKAGXYAHqNrPoAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQyIwH0ggJCIDhgBAQARgdgAoDyAsB2BMNiBQBshcaChgIABIUcHViLTA3MTc0NjkzNjg0MDYyNzY&sigh=FlNnhjqd7FM&tpd=AGWhJmvuyT7Ph_ayvo55BHVYwUfndvjNWF9hJ0v7IeKN7NK9bA
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame A120 		143 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 07 Mar 2021 01:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2503
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame D3D3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 02:19:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D3D3 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame D3D3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 02:02:35 GMT
l
www.google.com/ads/measurement/ Frame D3D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQL_205_roNkaQdjbUnOk9K6BP6yYA2UXNZhAAftYh5G0QfY8IqYSByid1qDhv03OHveS2oYugzbMU-NmvrbHbOvnew-Q
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/ Frame 820E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a35ff8bfdba50957eedc8319a6ea78a8b9b26bc8a81700b8528e85e2431ce4bc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/6971243240602723390/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3388
date
Sat, 06 Mar 2021 10:57:17 GMT
expires
Sun, 06 Mar 2022 10:57:17 GMT
last-modified
Thu, 16 Jul 2020 12:54:39 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
55550
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame CCF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUfJqCTlEYLCnHsr63gPk-L6AAfTF4c9chsjOyPcLhd2jp9kCEAEggJbvEGDRgbmC0AegAe6T4b4DyAEJqQJz6XqkXn-FPuACAKgDAcgDCKoE1gJP0NTjT4_Hkib4SlTelD5b3VD_uR0Tt49KGqaqhSX1OpGSeRTzd9LmIwT4kFHt_rRJKc8b_-nzsVBcPRE4omRlV-L2jAkCNtFzw9wjw8FLqMouIksBfqbD0vVUnOizdnM0rdD-3Fs4tA2vluZLdJFH6urlc_dceK8msI0neNk0aJT52oGoom0ggrKAar-IW5fhfWUFKDBlM_cem9FGyD8zbLfdhEI4aAs0SBf-nz7jhIVwFKYbu_IsAj1z-z_Kps2ROfWNRFkNv3o-NN0iaXdvMB6GX3bTYdlbJGmX48axcK-WpvIQghG1RlAoBuwEU3STYPoe2KnkLV__87jPdysGtG73xY6R_B2wiaq9Dxwmw58Xc6E-fDhLP_P_Z0KSwMoWpDmJIJkzUNPQXJpr0f9OLJanHHeYR_8j5l2cdBdbXWsM-nwlN4V6mGIpAJ-x5hFApKL_rl3ABNCn-LOQA-AEAZIFBAgEGAGSBQQIBRgEoAYugAf6655BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcDEPAu0ggJCIDhgBAQARgdgAoDyAsB2BMNshcaChgIABIUcHViLTA3MTc0NjkzNjg0MDYyNzY&sigh=BpUfTdTzAns&template_id=419&tpd=AGWhJmswk2FteUVUZiVdvsE0RXS_kMGjUOOEsSmxSd09jmRxew
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame CCF7 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 01:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 01:20:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame CCF7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 02:19:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CCF7 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame CCF7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 02:02:35 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/ Frame 1A3C 		64 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/index.html
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91badbb966583dc65043ed3d00931c1a1d769a94ce5d02f117b2c83d8297e6af
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/7416904685967114240/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 02 Mar 2021 23:15:42 GMT
expires
Wed, 02 Mar 2022 23:15:42 GMT
last-modified
Mon, 15 Feb 2021 16:06:36 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
16671
age
356845
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 7320 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsBIiCTlEYLKnHsr63gPk-L6AAenim79h6bzRtKsNr4G649cCEAEggJbvEGDRgbmC0AegAcClsN8CyAEJqQJz6XqkXn-FPuACAKgDAcgDAqoE2QJP0OzwESvbp0Hnt0d2DYPIgf5vMONehOSiFU411z0UK5WgTWMBhnre7Qsew8AJAzWv9Ca-hanerXRW9PXaS09RcnYYps8A6xQ9wfBKoztdOnpXsUCC01Pj19gxjDYPSM0QQRFEhyYfAdD1-aQMCM9N4hpnkpfwFRZUweb38oHl6vTj0dJYHJYygPlFHnnIM0lrcV9243NyDUYQrlbfR4iCOocAlnbA3OwWePp3CICHHhU0o7mUiE0InaJBpuM--MqdSTgzKLet3UMir_6oA5l7iYfIAujQztlLrJzZuzoaybUvTjC535V-UpV5YYNByO5Tw39SzpUroYALP59ww4atSbGt5-L_BTEdTZAn7z5zfiJN74Gq5X3G2tNntm0uHV7zFJhecIjJnEV0TXwHC_cxVPg_FOKRXy5D3ExkAlo7XPECkyc6HqGLrGtmIa6IU7dMea6Hj4ZudpfABI78_KjFA-AEAZIFBAgEGAGSBQQIBRgEoAZdgAeo2s-gAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCoogzSCAkIgOGAEBABGB2ACgPICwHYEw2IFAGyFxoKGAgAEhRwdWItMDcxNzQ2OTM2ODQwNjI3Ng&sigh=Eg8w85Ro13g&tpd=AGWhJmuMhO6lN2Z6conY3ZqXDAnjiTi7E2olm_YCKibyfKW9Lw
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame C261 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 07 Mar 2021 01:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2503
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 7320 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 02:19:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7320 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 7320 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 02:02:35 GMT
l
www.google.com/ads/measurement/ Frame 7320 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWWlBqDicCeP_is_PqzlkvsB5cHf1tskh7u3x2S-zeeEaVwjNhWIutzLnAQhDpBHXoQFSBFQfwuPBqnTh6sJo93sOvqQ
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame A001 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6e7dced3e80a11752f9080d37d182b7a018756cf2e128e74a503ec7d52160adf

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 16:00:38 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 08 Mar 2021 05:50:45 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E99C 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 07 Mar 2021 01:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2503
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7646 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c3fc7b88cacbc18b7120689af183ea32a610cc7ab4316b2fee76e6220b9f178

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
active_selectors
onsite.boomtrain.net/ 		0
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onsite.boomtrain.net/active_selectors?site_id=washington-times&bt_onsite_test=false&site_id=washington-times
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/washington-times/analyticstrain.min.js?_=1615083785744
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.115.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
cc1cdfd3-8f51-452b-b669-fb93bf2e6f8e
X-Runtime
0.006013
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Request-Methods
POST, GET, OPTIONS
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept, authorization, x-prototype-version
collect
www.clarity.ms/eus2/ 		7 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.9/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:06 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
x-azure-ref
0CzlEYAAAAAD9c+XSAiekQ6ef/tfq4PIuRlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
track
events.api.boomtrain.com/event/ 		2 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.boomtrain.com/event/track?id=50b0e46c98dd22e844f5ce21d01a6f2f&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&model=article&autoTrack=true&track_by_url=true&type=viewed&app=washington-times&bsin=K8Y2wJhtgREHDgZFycyXwz2BCblN1BsDOI1V1HVqBiMtK3G50NUsETrRB6GII6OXu8n7tiesCTD%2Bt4e2Qq7fQQ%3D%3D&userId=K8Y2wJhtgREHDgZFycyXwz2BCblN1BsDOI1V1HVqBiMtK3G50NUsETrRB6GII6OXu8n7tiesCTD%2Bt4e2Qq7fQQ%3D%3D&session=6e5c93ce-9389-476e-e9d3-b05a0cffa933&site_id=washington-times
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/washington-times/analyticstrain.min.js?_=1615083785744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.72.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-72-72.compute-1.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
server
nginx
allow
GET, HEAD, OPTIONS, POST
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, x-app-id
content-length
2
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0CD3 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 04:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 07 Mar 2021 04:49:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0CD3 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47737
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 07 Mar 2021 13:07:30 GMT
af06907b49d872e7c15e0f17eb846ec8.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/ Frame 0CD3 		72 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/af06907b49d872e7c15e0f17eb846ec8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b2629b8e9e0f63644435c2aca44bab5d8595a634f6f0150a97a8dfc5d20c9d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
161959
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Fri, 05 Mar 2021 05:23:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 05:23:48 GMT
truncated
/ Frame 93EB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44c7fba7f0cb5bbf1fee6f01f7ddc4be7ae231b5dc806f1f34470de152658d1c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
story_2536785
api-2-0.spot.im/v1.0.0/config/ab_test/sp_iyCBIB1C/ 		88 B
757 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_iyCBIB1C/story_2536785
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-114.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
cbdd09f8f307836a7360dc6c64ac8aff9b39ca77fb2889d7601e1c0e7117206b

Request headers

Accept
application/json
Referer
https://www.washingtontimes.com/
x-spotim-page-view-id
0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-spotim-device-uuid
669706bd-0e8f-45c8-9ba3-04470d8031ab

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.washingtontimes.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid
content-length
88
x-request-id
0e2d5455-7eec-11eb-9c63-de63a784d1b6
story_2536785
api-2-0.spot.im/v1.0.0/config/ab_test/sp_iyCBIB1C/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_iyCBIB1C/story_2536785
Protocol
H2
Server
2.16.186.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-114.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.washingtontimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-max-age
86400
date
Sun, 07 Mar 2021 02:23:07 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6BD2 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 15:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 07 Mar 2021 15:52:29 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6BD2 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47737
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 07 Mar 2021 13:07:30 GMT
truncated
/ Frame D3D3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f5fbc0660997d80fd33dfea089db0e957b9b1956b77b2cdfa7f90293e74efcf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame D822 		143 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 07 Mar 2021 01:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2504
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame CCF7 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5cf93bf7f912c113de3dcd5f5b4efaa254ccae246010df82ab1aff95dc24e22

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
4191
x-amz-cf-id
WT-A5KE3pi0akvyEu7UN9rDoJXZFhrLiL7G9ZoNXH3oQ36f_LjRcCA==
expires
Tue, 08 Mar 2022 02:23:09 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 820E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 04:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 07 Mar 2021 04:49:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 820E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47737
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 07 Mar 2021 13:07:30 GMT
38c1736958b0bc4e23364ac123ab3083.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/ Frame 820E 		72 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/38c1736958b0bc4e23364ac123ab3083.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ddd862fd7f5fc36ec0acd14c6156f7000b45a50d5ed6ddf4ad0bc4343d2ba53
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
55549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18789
x-xss-protection
0
last-modified
Thu, 16 Jul 2020 12:54:39 GMT
server
sffe
date
Sat, 06 Mar 2021 10:57:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 10:57:18 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1A3C 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 15:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 07 Mar 2021 15:52:29 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1A3C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47737
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 07 Mar 2021 13:07:30 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame B35D 		209 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.washingtontimes.com&callback=_gfp_s_&client=ca-pub-9595286865800821&cookie=ID%3Dd2d6223518cb0b0e%3AT%3D1615083785%3AS%3DALNI_MbSI0dhSn1IaI7RdilLRYMXQhYiJg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1c330e76b37cd7a1987de811216e0b1676c70f87a48c24d7f0c8ddae0c3e43aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B35D 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.washingtontimes.com
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B35D 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.washingtontimes.com
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B35D 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tn=DIV&cls=piano-fixed-footer-one&ign=false
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 764C 		603 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9595286865800821&output=html&adk=1812271804&adf=2751417942&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615083787111&bpp=12&bdt=1284&idt=633&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dd2d6223518cb0b0e%3AT%3D1615083785%3AS%3DALNI_MbSI0dhSn1IaI7RdilLRYMXQhYiJg&nras=1&correlator=8261809594697&frm=23&ife=1&pv=2&ga_vid=677044234.1615083788&ga_sid=1615083788&ga_hid=735846756&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2696519191&scr_x=0&scr_y=0&eid=21066923&oid=3&pvsid=81111569845521&rx=0&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8196&bc=31&ifi=1&uci=1.m8h21l21m1rl&fsb=1&dtd=912
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-9595286865800821&output=html&adk=1812271804&adf=2751417942&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615083787111&bpp=12&bdt=1284&idt=633&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dd2d6223518cb0b0e%3AT%3D1615083785%3AS%3DALNI_MbSI0dhSn1IaI7RdilLRYMXQhYiJg&nras=1&correlator=8261809594697&frm=23&ife=1&pv=2&ga_vid=677044234.1615083788&ga_sid=1615083788&ga_hid=735846756&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2696519191&scr_x=0&scr_y=0&eid=21066923&oid=3&pvsid=81111569845521&rx=0&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8196&bc=31&ifi=1&uci=1.m8h21l21m1rl&fsb=1&dtd=912
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 07 Mar 2021 02:23:08 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame B35D 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9595286865800821&plah=www.washingtontimes.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd0c3173c8506b16a7a46c784bec6c117f0c0e637b82cc229966c38d96275b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6526
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame B35D 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:08 GMT
truncated
/ Frame 7694 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd7d955be20ca23d32b09984f8c4274fb95f3997c3fbcb0ae99f53b1f986d8f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
info.svg
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 7694 		971 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.libsyn.com/p/assets/platform/customplayer/images/info.svg
Requested by
Host: static.libsyn.com
URL: https://static.libsyn.com/p/assets/platform/customplayer/custom-player-bootstrap.min.css?u=2018-07-09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
36d73ce2f32f33139d698bdda928627bc3d6a91636aa89f7b7cd6bdb4f59fa20

Request headers

Referer
https://static.libsyn.com/p/assets/platform/customplayer/custom-player-bootstrap.min.css?u=2018-07-09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
last-modified
Sun, 28 Jun 2020 22:26:39 GMT
etag
"1593383199"
x-hw
1615083788.dop012.sk1.t,1615083788.cds071.sk1.hn,1615083788.cds217.sk1.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=27785767
accept-ranges
bytes
content-length
971
true
html5-player.libsyn.com/embed/list/id/1419779/offset/0/size/1/sort_by_field/release_date/sort_by_direction/DESC/category//no-cache/ Frame 7694 		777 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://html5-player.libsyn.com/embed/list/id/1419779/offset/0/size/1/sort_by_field/release_date/sort_by_direction/DESC/category//no-cache/true
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@2.1.3/dist/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.16.246.215 , United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software
Apache /
Resource Hash
fca0b268544f5127f37eba410a1a97bb020d9cd9ac4b10a2a3f575295272a605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept
*/*
Referer
https://html5-player.libsyn.com/embed/episode/id/18202610/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
x-libsyn-host
web-player2.libsyn.com
accept-ranges
bytes
content-length
336
x-xss-protection
1;mode=block
expires
Tue, 09 Mar 2021 02:23:08 GMT
truncated
/ Frame 7320 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c81ad4a9000a2897481c140594fbd004df6928e95677b1fa1b0ea99cec2c11c3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 0CD3 		1015 B
493 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/af06907b49d872e7c15e0f17eb846ec8.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5088c618e38ccdf416a61febe45458baf8b4ef7024130b122c2405d5a1cdb25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 01:50:07 GMT
server
ESF
date
Sun, 07 Mar 2021 02:23:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 02:23:08 GMT
710b60e37a3fcfd9b96bc70cda47924d.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/710b60e37a3fcfd9b96bc70cda47924d.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af37987749f2706ccb0267dcc97f99dea65dd30dc701478c8f17454fb6d7b8b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
161959
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5040
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Fri, 05 Mar 2021 05:23:49 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 05:23:49 GMT
bd671adcfec80847ced5782a8f60970a.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/bd671adcfec80847ced5782a8f60970a.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac919fa93b392b013630727ec10130aabfd0f670275a4c75d35236c4e62a2e75
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
60350
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4576
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Sat, 06 Mar 2021 09:37:18 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 09:37:18 GMT
3815dacd9ff3cf62e0df62e63b8465fc.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/3815dacd9ff3cf62e0df62e63b8465fc.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ebb708ce47b1ca44c86c31852dd8afd8b85ee475a57ace1d55eca81e64c7964
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2565
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Fri, 05 Mar 2021 07:19:46 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 07:19:46 GMT
45236b5c04387602e6fadecaafdeeae2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/45236b5c04387602e6fadecaafdeeae2.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04452c0387c3d96451472f2d978e9205f2a091336e220264b97624748055320c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
60350
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2120
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Sat, 06 Mar 2021 09:37:18 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 09:37:18 GMT
a6edaa1f2f5ebff8afe514dae778b444.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/a6edaa1f2f5ebff8afe514dae778b444.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
824bf3d2fcb0a762bf66d2a2f707e10b80b02f055e7ea767fbe0a1c11facc823
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
318807
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4186
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Wed, 03 Mar 2021 09:49:41 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Mar 2022 09:49:41 GMT
f765a515b73a37547288f6d6c6454e16.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/f765a515b73a37547288f6d6c6454e16.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0cf450f40d6b936d64a4a2c320b258b2a842f7f3c65a6f11637d414a341e02e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
60350
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2503
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Sat, 06 Mar 2021 09:37:18 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 09:37:18 GMT
33d078a0992f2a314a4b1f016d7b358b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/33d078a0992f2a314a4b1f016d7b358b.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9aa160934f2025991a8a8490fd4285b58a9fbb2e5009205492f94d528e8c313f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
409449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2403
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Tue, 02 Mar 2021 08:38:59 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 08:38:59 GMT
796ece125aa77de5336f13ace28d381d.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/796ece125aa77de5336f13ace28d381d.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67b71c4b762cdaadf9d51c5329d273655935b91e672330e163ff2a102dc73221
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
409449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1253
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Tue, 02 Mar 2021 08:38:59 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 08:38:59 GMT
ao
capi.connatix.com/tr/ Frame C2D3 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=106673
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.204.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-204-105.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 07 Mar 2021 02:23:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame C2D3 		232 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=106673
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.204.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-204-105.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
35763c3a668e24d3e7aa5a31cf7377802aec02249544a1a07d69e376f78b3d0a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 07 Mar 2021 02:23:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
202
ps
capi.connatix.com/tr/ Frame C2D3 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=106673
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.204.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-204-105.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 07 Mar 2021 02:23:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 254A 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2092ab5b58ee05742a711f65fe3021be81a1d243a14109ad140ef42cfb6382f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 01:42:00 GMT
content-encoding
br
last-modified
Mon, 30 Nov 2020 08:04:19 GMT
server
AmazonS3
age
2469
etag
W/"883780093129b6025aea7386226647ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
gSgsyJu0CfqvNLKCbtQcH9J2FQuTx23L
via
1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
ZAG50-C1
content-type
application/javascript
x-amz-cf-id
C3N6ZN98-O7-dAlBXK3yx3Grizq0xYOKU_K0hV03rlU3Mm0tlgcjrg==
hb_270443_241.js
player.spotim.market/prebidlink/448634/ Frame 254A 		319 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/448634/hb_270443_241.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
9bdb31a2e71a28d7a60ff87fb0e38f47ddf6fbc9a208f3bf609e7e7ff36c541d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 15:28:06 GMT
server
nginx
etag
W/"603e5986-4fcd0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 07 Mar 2021 03:23:08 GMT
cache-control
max-age=3600
x-proxy-cache
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 254A 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e1e98d3628ff12ae7dac76d752ec5afb9e3070f12dddb1d2943c5acd0c836336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"804 / 910 of 1000 / last-modified: 1614985848"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19736
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:08 GMT
wrapper_hb_270443_241.js
player.spotim.market/prebidlink/448634/ Frame 254A 		124 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/448634/wrapper_hb_270443_241.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
988691f1287ab21055dc60be6e33b8e40935f7c42050888dc23f1013a1e3121d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 16:42:42 GMT
server
nginx
etag
W/"60410e02-1ee8a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 07 Mar 2021 03:23:08 GMT
cache-control
max-age=3600
x-proxy-cache
MISS
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6BB5 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=60621
Expires
Sun, 07 Mar 2021 19:13:29 GMT
Date
Sun, 07 Mar 2021 02:23:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set usermatch
ssum.casalemedia.com/ Frame 2948
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D
  • https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
279f436725f4a1630df3e10f8bc54878aa29d8cd32ee2788784930163e17a382

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YEQ5DOXDLEHXvkPbcd.ClQAA; CMPS=656
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|46|13|90|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1839
Expires
Sun, 07 Mar 2021 02:23:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:08 GMT
Connection
keep-alive
Set-Cookie
CMID=YEQ5DOXDLEHXvkPbcd.ClQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 07 Mar 2022 02:23:08 GMT CMPS=656;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 05 Jun 2021 02:23:08 GMT CMPRO=203;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 05 Jun 2021 02:23:08 GMT CMRUM3=f16044390c05a00&0d6044390c05a0&276044390c0b40&496044390c05a00&e66044390c27600&2d6044390c05a0&5a6044390c05a0&2e6044390c05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 07 Mar 2022 02:23:08 GMT CMST=YEQ5DGBEOQwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Mar 2021 02:23:08 GMT

Redirect headers

Server
Apache
Content-Length
321
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 07 Mar 2021 02:23:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:08 GMT
Connection
keep-alive
Set-Cookie
CMID=YEQ5DOXDLEHXvkPbcd.ClQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 07 Mar 2022 02:23:08 GMT CMPS=656;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 05 Jun 2021 02:23:08 GMT
usync.html
eus.rubiconproject.com/
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
0
0
Cookie set csync
sync.spotim.market/ Frame 5B8D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
86 B
517 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.spotim.market
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
a271858=1464628836493193853; a301276=0eab7120-7eec-11eb-a660-1a7ccaea0406; a290146=y-.BAU0Nd1l2bvPJey_kzQX8lZI9xAlfQD~UP0e99e444-7eec-11eb-bc23-02ae808367ac; a281178=D3D14F32-36CD-4416-B829-D45C55888FE8; a301804=YEQ5DOXDLEHXvkPbcd.ClQAA&203; vmuid=e48b482dca0c0a10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Server
VertaMedia 1.0
Date
Sun, 07 Mar 2021 02:23:11 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=e48b482dca0c0a10; expires=Sat, 08 May 2021 02:23:11 GMT; domain=.spotim.market; path=/; secure; SameSite=None a309017=no-consent; expires=Sat, 08 May 2021 02:23:11 GMT; domain=.spotim.market; path=/; secure; SameSite=None

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
content-length
0
date
Sun, 07 Mar 2021 02:23:11 GMT
server
AC1.1
vendors~main-chunk.js
static-cdn.spot.im/production/ads/tags/v16.1.1-1/ads/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v16.1.1-1/ads/vendors~main-chunk.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
6919342e1076b1ef8265582ed6a4e3659926413155e4354fd284ae4b66897a8f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
13795
expires
Tue, 08 Mar 2022 02:23:08 GMT
main-chunk.js
static-cdn.spot.im/production/ads/tags/v16.1.1-1/ads/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v16.1.1-1/ads/main-chunk.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
bab016fe37c5521b05227b5619f7ed2a3eed92adaf853c330aa3556cf41fbda3

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
5523
expires
Tue, 08 Mar 2022 02:23:08 GMT
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=1464628836493193853
86 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=1464628836493193853
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:08 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid
ed5938c5-7127-4e10-a0de-4784e80d48b5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=1464628836493193853
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=0e9070ba-7eec-11eb-9cba-1d66682b2806
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=0e9070ba-7eec-11eb-9cba-1d66682b2806
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sun, 07 Mar 2021 02:23:08 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
112
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sun, 07 Mar 2021 02:23:08 GMT
Server
nginx
Location
/partner?source=211945&__user_check__=1&sync_id=0e9070ba-7eec-11eb-9cba-1d66682b2806
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
19
Connection
keep-alive
Content-Length
0
csync
sync.spotim.market/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e99e444-7eec-11eb-bc23-02ae808367ac
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e99e444-7eec-11eb-bc23-02ae808367ac&verify=true
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-.BAU0Nd1l2bvPJey_kzQX8lZI9xAlfQD~UP0e99e444-7eec-11eb-bc23-02ae808367ac
86 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-.BAU0Nd1l2bvPJey_kzQX8lZI9xAlfQD~UP0e99e444-7eec-11eb-bc23-02ae808367ac
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Sun, 07 Mar 2021 02:23:09 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-.BAU0Nd1l2bvPJey_kzQX8lZI9xAlfQD~UP0e99e444-7eec-11eb-bc23-02ae808367ac
Connection
keep-alive
Content-Length
0
/
sync.spotim.market/csync/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=0eab715b-7eec...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=0eab7120-7eec-11eb-a660-1a7ccaea0406
86 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=0eab7120-7eec-11eb-a660-1a7ccaea0406
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Sun, 07 Mar 2021 02:23:08 GMT
Server
nginx
Location
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=0eab7120-7eec-11eb-a660-1a7ccaea0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
54
Connection
keep-alive
Content-Length
0
710530.gif
di.rlcdn.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
via
1.1 google
alt-svc
clear
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B35D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:08 GMT
6bd00948-d533-4468-99fc-34028fbb0572.jpg
img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/6bd00948-d533-4468-99fc-34028fbb0572.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af69a3d88e77b6cc820fa5315924be1f2c68e457a76a6ab3aea6b1d8a93aa516

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
br
age
2753
x-cache
HIT, MISS
fastly-io-info
ifsz=81113 idim=1200x700 ifmt=jpeg ofsz=19053 odim=600x338 ofmt=jpeg
fastly-stats
io=1
content-length
18662
x-served-by
cache-dca17755-DCA, cache-cph20620-CPH
access-control-allow-origin
*
x-timer
S1615083789.989675,VS0,VE99
etag
"0xMSwBaM5X6f4WxRyiQV/PfYdFbQeC6YZoCcW2+82Pc"
x-amz-request-id
W6AKP9HGSEQX063M
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 0
d8eb91af-44e5-4831-83d5-944433779b1a.jpg
img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/d8eb91af-44e5-4831-83d5-944433779b1a.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0414e0055b41fc9e5a56f471c49c5ee1bf9127b5d02a8a3da9c1d46d26d1c8cd

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
br
age
2752
x-cache
HIT, MISS
fastly-io-info
ifsz=109883 idim=1200x700 ifmt=jpeg ofsz=23987 odim=600x338 ofmt=jpeg
fastly-stats
io=1
content-length
23500
x-served-by
cache-dca17743-DCA, cache-cph20620-CPH
access-control-allow-origin
*
x-timer
S1615083789.064604,VS0,VE90
etag
"y/Mpkq9Oua55lTbZcr1J31pZTQs0G6fMCnwSLwYmYWg"
x-amz-request-id
3V5QS63ZBWHRH6QD
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 0
8b7f9444-e14d-4cfc-8914-cb6a69151409.jpg
img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/8b7f9444-e14d-4cfc-8914-cb6a69151409.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d150a83c4c8354f634f88d0b21d16eabcc21bfb75b83296d27a1c4438e77fabd

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
br
age
2753
x-cache
HIT, MISS
fastly-io-info
ifsz=99105 idim=1200x700 ifmt=jpeg ofsz=20470 odim=600x338 ofmt=jpeg
fastly-stats
io=1
content-length
20093
x-served-by
cache-dca17725-DCA, cache-cph20620-CPH
access-control-allow-origin
*
x-timer
S1615083789.107370,VS0,VE85
etag
"g0ARRdghXZySoZDrHlRry3+QN8ultQO8qz7vOt+kfPY"
x-amz-request-id
W6AJSEZJXKZNSJXY
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 0
01e777d6-e9e9-429b-bcdc-a3d5d96bf52f.jpg
img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/01e777d6-e9e9-429b-bcdc-a3d5d96bf52f.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73894bf6166ee5424e58bf0ba1bcc7ffd6bc256d11ece70e5cb698914fc35418

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
br
age
2753
x-cache
HIT, MISS
fastly-io-info
ifsz=103559 idim=1200x700 ifmt=jpeg ofsz=20924 odim=600x338 ofmt=jpeg
fastly-stats
io=1
content-length
20558
x-served-by
cache-dca17778-DCA, cache-cph20620-CPH
access-control-allow-origin
*
x-timer
S1615083789.124539,VS0,VE86
etag
"wqck0smyNDHTo+oF0RLOO8uk5ZfLjEX1a9x0THXgG4s"
x-amz-request-id
W6AY58Q1A4G36VVP
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 0
c2e68da5-ccfb-4b82-819c-03e0f5ff3cc6.jpg
img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/2b54e029-43ee-4f81-ad96-c7469961741e/c2e68da5-ccfb-4b82-819c-03e0f5ff3cc6.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37fb26153eb3a72ab91c5925ea7622b3757d244bafbe3d0ac2af583465fbf12c

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
br
age
2753
x-cache
HIT, MISS
fastly-io-info
ifsz=76513 idim=1200x700 ifmt=jpeg ofsz=16448 odim=600x338 ofmt=jpeg
fastly-stats
io=1
content-length
16023
x-served-by
cache-dca17726-DCA, cache-cph20620-CPH
access-control-allow-origin
*
x-timer
S1615083789.135828,VS0,VE86
etag
"WFatZtQ7Y4qzV0q+KaHcUkoLUp2P7mVuDeUTELy9Hzw"
x-amz-request-id
W6AYNQQ06RTG3034
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 0
usersync.html
cdn.undertone.com/js/ Frame 47CD 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

content-type
text/html
date
Sat, 06 Mar 2021 18:21:04 GMT
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
h5aXorWQNeNZ0hhWD7mDrjex8mVAiIskmqse6tdTENDLzrjsqp3ZOw==
age
28925
si
googleads.g.doubleclick.net/pagead/drt/ Frame A120
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
133 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 02:23:08 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 07-Mar-2021 03:23:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 02:23:08 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 02:23:08 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f72736e7588bf36fbcca691a1d6e7318.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/f72736e7588bf36fbcca691a1d6e7318.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7a2c90101bbabde1d255182108e981a3cfda229f978d792bb9225b3a08ccbd8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
409449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1375
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Tue, 02 Mar 2021 08:38:59 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 08:38:59 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 0CD3 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 10:46:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:23 GMT
server
sffe
age
56189
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7848
x-xss-protection
0
expires
Sun, 06 Mar 2022 10:46:39 GMT
100639a692aa38a2b49fd97b5b3e7404.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/100639a692aa38a2b49fd97b5b3e7404.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
785e2195d7c734800885cf45cf3c267a35603b120b11e89c139d76dfffc93f0d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
409449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2217
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Tue, 02 Mar 2021 08:38:59 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 08:38:59 GMT
f18828ca837ba6fd24000f8f6c8374e9.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/f18828ca837ba6fd24000f8f6c8374e9.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60b3341f93e72974d7c6eb0f8f52067baed7e456ce4923b416a4298d4caad35b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
161959
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1253
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Fri, 05 Mar 2021 05:23:49 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 05:23:49 GMT
/
track.adform.net/adfserve/ Frame B31B 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=44434947;rtbwp=F106B4406F3F233C;rtbdata=xcYom1FpZtozPh0k694Po9C_1k0ml3S_R7NrZQZh6JNIKvsZzaznGFr7-nj8p5bPJ9CfDa4srA4fBMgtV1PlxBVcD0W-8GHAitJHe8e7Dkd1XfMTbcHPiEGS-kLr1ty_ikSyMY6XAlxZt32vH3IQBoMrcMkKkkYbO1F62221DuQ9Id7XJ9VTqYfTpIhlqVsR2aaKhbTjS28hQvvS7f4WVPh3L-1N1iz8DEGKMIZOSFs6Cu-5kMGwcb6y2WV_jSKrUmn8rMT0v2QuGwA7fIsnyDd1_BAMovLAkfxBKIMk7xZxU_2AOvuvJew76O5yC7IfqSxJcEuWXup8xpnl9RdNOcm3EGCRVYs5jvBPiM3ZqtRxilprU64grZUF1SiFc_Bs_2dExpcKNQSTfpAen42MxUk7qAnQa3L0QeEimShqzcc1;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f5075a467-8bca-40fd-a2af-aaaff5608370%2f;js=1;adfxid=1x;2268;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
472945724d2872456b70371b4304e70db53ab1a2f94993639dd1e436cd93bbaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3270
expires
-1
/
track.adform.net/adfserve/ Frame A001 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=44434947;rtbwp=F106B4406F3F233C;rtbdata=uU98TwP9qmaU9BaDPvhCmoPxcmFEHOEgTP7Tk5-rMBEjkyg-7xhfiSLY1CRg3mSOxoJw7-dssq1CZ5sZmb_3VoZmXHcqTZa6fyKYguAye6tTzFp66yJJmDCwd14AptqQikSyMY6XAlxZt32vH3IQBoMrcMkKkkYbO1F62221DuQ9Id7XJ9VTqYfTpIhlqVsR2aaKhbTjS28hQvvS7f4WVPh3L-1N1iz8DEGKMIZOSFs6Cu-5kMGwcb6y2WV_jSKrUmn8rMT0v2QuGwA7fIsnyDd1_BAMovLAkfxBKIMk7xZxU_2AOvuvJew76O5yC7IfqSxJcEuWXuqFozQixzTQAMm3EGCRVYs5jvBPiM3ZqtRxilprU64grZUF1SiFc_Bs_2dExpcKNQSTfpAen42Mxf9LZPiJ37-KQeEimShqzcc1;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2fda06d350-26c1-46a2-af53-452da1a251b6%2f;js=1;adfxid=2x;5021;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f66d397728bc85503e92acca1822af9374bb95062fc8b81fa9f2892f156875ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3276
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame 7646 		42 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxdHwKedsHshjMu5ORHrqCg8dc-vLRbQ3ZU-arVNUshjXhUPLx5hEvl7MO1tEwDx--A11TPXlDIm1py6ugYeQgtTJKO727ogBiYmUoywKt87YmOAeAyJNjK5WHOw&sai=AMfl-YSJ0cW6huFxVICLUjusEJrYJ6noSb3o5OR2Ho-Ljag4Oh8QjDR1c7BVbpkgdIBDAKvl6NdE_qcKgF3zuxxYAbhmcN6RMPqXl3YQD7SoFK8M3AZg7Iu1uCIVt0kp&sig=Cg0ArKJSzGb6gI04mQLYEAE&cid=CAASF-RoxfEaeTTI1jfXdKiK97wowLPoz6ry&id=osdim&mcvt=1127&p=395,436,485,1164&mtos=1127,1127,1127,1127,1127&tos=1127,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3986118909&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615083786248&dlt=683&rpt=1432&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C261
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 02:23:08 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 07-Mar-2021 03:23:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 02:23:08 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 02:23:08 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vendor-bundle.js
static-cdn.spot.im/production/launcher/tags/v2.50.2/vendor/ 		207 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.50.2/vendor/vendor-bundle.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
cf02237bea5954a7079f2c687c79f3d17d4afbc334d03a2b0e1b1c5eb455a482

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
58427
expires
Tue, 08 Mar 2022 02:23:08 GMT
conversation-page-bundle.js
static-cdn.spot.im/production/conversation-page/tags/v2.2.13/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation-page/tags/v2.2.13/conversation-page-bundle.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
5a577a487b1d74cd85cf5d1454ece91e6c311cc04bf201297ee02435eb5bd4a0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
2708
expires
Tue, 08 Mar 2022 02:23:08 GMT
conversation-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.30.7/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.30.7/conversation-bundle.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
ece093e3ec88dbfb93b990f06d662fb1b44860d4a94ed3ddf50f94485d43ce91

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
12013
expires
Tue, 08 Mar 2022 02:23:08 GMT
popular-in-the-community.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.25.6/ 		411 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.25.6/popular-in-the-community.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
2a5f14af1d652183b7ed8e3fb9fe254a87be67dae835e9deef464dab635edfd8

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
91520
expires
Tue, 08 Mar 2022 02:23:08 GMT
popular-in-the-community.css
static-cdn.spot.im/production/popular-in-the-community/tags/v2.25.6/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.25.6/popular-in-the-community.css
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
c4288ea598515bb42c621803902b970fa13ef30493867e8754f3732c56835b19

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
1958
expires
Tue, 08 Mar 2022 02:23:08 GMT
analytics-pusher.js
static-cdn.spot.im/production/analytics-pusher/tags/v1.2.1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/analytics-pusher/tags/v1.2.1/analytics-pusher.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
a86fae43a94ac408aab297fba5dff884ac532d1a7ad7264d5243dbc92ba6a154

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
3785
expires
Tue, 08 Mar 2022 02:23:08 GMT
broadcast-fetcher-bundle.js
static-cdn.spot.im/production/broadcast/tags/v1.0.2/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/broadcast/tags/v1.0.2/broadcast-fetcher-bundle.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
86c3178d6f58b43c96e5bd809e4b11711fdb99fe897a9496d29d0f1999a3adaf

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
1602
expires
Tue, 08 Mar 2022 02:23:08 GMT
conversation-survey.js
static-cdn.spot.im/production/conversation-survey/tags/v0.3.3/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation-survey/tags/v0.3.3/conversation-survey.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
56545761a3af81b1756405b66caad9029db9e3cea0434d48ae66da9d01894812

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
9460
expires
Tue, 08 Mar 2022 02:23:08 GMT
ab-test-changer.js
static-cdn.spot.im/production/ab-test-changer/tags/v1.1.2/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ab-test-changer/tags/v1.1.2/ab-test-changer.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
f695bd419cc1cc4959996d1441e57fb34dc4da7c4dd369d088fc9ed320069066

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
3038
expires
Tue, 08 Mar 2022 02:23:08 GMT
messages-count-bundle.css
static-cdn.spot.im/production/messages-count/tags/v1.0.0/ 		217 B
214 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/messages-count/tags/v1.0.0/messages-count-bundle.css
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
e99927b117a431d002d016853f9d56ccf53065686c483f8ce0429fa938490271

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
86
expires
Tue, 08 Mar 2022 02:23:08 GMT
messages-count-bundle.js
static-cdn.spot.im/production/messages-count/tags/v1.0.0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/messages-count/tags/v1.0.0/messages-count-bundle.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
8961431d93a9024ccb6d08a572aef6c75500f5edcfdab57ed669a0c1da9a839c

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
1036
expires
Tue, 08 Mar 2022 02:23:08 GMT
css
fonts.googleapis.com/ Frame 820E 		4 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:600|Roboto:900|Poppins:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/38c1736958b0bc4e23364ac123ab3083.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d83b84f93c23e2d460bc66d69fa0b990fd3ff65d8f6368214892b1c5a5d01e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 02:23:08 GMT
server
ESF
date
Sun, 07 Mar 2021 02:23:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 02:23:08 GMT
434d90a94a84edc807fd13fbe40c34dd.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/media/ Frame 820E 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/media/434d90a94a84edc807fd13fbe40c34dd.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be7e647a7c957e004f85a5cefe5b0002ce9d783d7f30f59fe26fec014d51078d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
55550
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27087
x-xss-protection
0
last-modified
Thu, 16 Jul 2020 12:54:39 GMT
server
sffe
date
Sat, 06 Mar 2021 10:57:18 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 10:57:18 GMT
bdb8e8bf678693e9d7f4f07f458ff018.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/media/ Frame 820E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/media/bdb8e8bf678693e9d7f4f07f458ff018.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6971243240602723390/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b051c4614c0ed14a841d460c20a8adf57239756cdba737b949c2b30018586199
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
55550
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2783
x-xss-protection
0
last-modified
Thu, 16 Jul 2020 12:54:39 GMT
server
sffe
date
Sat, 06 Mar 2021 10:57:18 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 10:57:18 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E99C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 02:23:08 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 07-Mar-2021 03:23:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 02:23:08 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 02:23:08 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ 		7 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.25.6/popular-in-the-community.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
043408d901653af0d904e54849944f83b37d2b20c195d8a900e7fa34c45dc257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://static-cdn.spot.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 01:19:44 GMT
server
ESF
date
Sun, 07 Mar 2021 02:23:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 02:23:08 GMT
pubads_impl_2021030201.js
securepubads.g.doubleclick.net/gpt/ Frame 254A 		282 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 09:37:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101677
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DC57 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 07 Mar 2021 01:19:32 GMT
expires
Mon, 07 Mar 2022 01:19:32 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3816
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 254A 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5efeec1c6dfae8e93bbf7509927ca9cbdd3f8a50bce9aec925e7720f6ceef33

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:12:01 GMT
content-encoding
br
last-modified
Sun, 07 Mar 2021 01:33:30 GMT
server
AmazonS3
age
668
etag
W/"3e0dc6d6aa6f093e2cfe792f0be4599e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Sv1wwcWvDKrobJ9EpLWnLi9Igoonmy2v
via
1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
ZAG50-C1
content-type
text/javascript
x-amz-cf-id
wvQk2cRSnlr5lkmj3C5lGJt2dXV7dw-Cr2rHzlHi3HLG-vqt5EqYXQ==
iframe
cloud.cavai.com/api/converse/ Frame FA62 		1 KB
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ebfbd0e34a6fea2a069a8b72244af2db2a48b0d1b0c94050e7202543a06b1e47

Request headers

:method
GET
:authority
cloud.cavai.com
:scheme
https
:path
/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Origin
x-powered-by
Express
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-request-id
08ac17f29e0000c2bdb9b8a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62c05c30fd24c2bd-FRA
content-encoding
gzip
converse-iframe-init.js
cloud.cavai.com/js/ Frame B31B 		848 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.cavai.com/js/converse-iframe-init.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c12edf93cf52968a046c92a4338e65588ca76cf8008b44121825c04eece4460

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 14 Sep 2020 13:21:21 GMT
server
cloudflare
age
5819
etag
W/"5f5f6e51-350"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
62c05c30fd26c2bd-FRA
cf-request-id
08ac17f29f0000c2bdcea05000000001
expires
Sun, 07 Mar 2021 06:23:08 GMT
/
track.adform.net/csimpr/ Frame B31B 		35 B
475 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=44434947&csi=4hBhgy9N144tzObfZGLgrJ-zRzwXfV9V602S52T3KgbrygPkIxxfk6vwjDsXYdB535-DJmsKQwidctmc0UHHUycs4ODdxxAu0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:08 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
iframe
cloud.cavai.com/api/converse/ Frame 05E4 		1 KB
674 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
03a0524fe404ef1faa37728c3a10ff6402e4e60bbde923eb5ea8c9bb978651f9

Request headers

:method
GET
:authority
cloud.cavai.com
:scheme
https
:path
/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Origin
x-powered-by
Express
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-request-id
08ac17f29e0000c2bd7d016000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62c05c30fd25c2bd-FRA
content-encoding
gzip
converse-iframe-init.js
cloud.cavai.com/js/ Frame A001 		848 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.cavai.com/js/converse-iframe-init.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c12edf93cf52968a046c92a4338e65588ca76cf8008b44121825c04eece4460

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 14 Sep 2020 13:21:21 GMT
server
cloudflare
age
5819
etag
W/"5f5f6e51-350"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
62c05c30fd27c2bd-FRA
cf-request-id
08ac17f29f0000c2bd7f9c6000000001
expires
Sun, 07 Mar 2021 06:23:08 GMT
/
track.adform.net/csimpr/ Frame A001 		35 B
475 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=44434947&csi=r29Wyb7cRVzRNbyEf5K3OideoiEbiLhZ602S52T3KgbrygPkIxxfkyWAr9lFM_ZhpjpG1pV7wU0_oSYFtIcieScs4ODdxxAu0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:08 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.washingtontimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
221197
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:31 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.washingtontimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
461256
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:15:32 GMT
makeinfluence-300x250-7.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/ Frame 6BD2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/makeinfluence-300x250-7.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc7616c02f5dafce044ba93d34d4a8a75623137ee30dc3986bf470ea250607ad
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
149979
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2371
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 16:06:35 GMT
server
sffe
date
Fri, 05 Mar 2021 08:43:30 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 08:43:30 GMT
makeinfluence-300x250-6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/ Frame 6BD2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/makeinfluence-300x250-6.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc42985f3a2fb62a6d4e881b8f630659f1461eee9b030f25caaa40c63cb13920
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
357270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2654
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 16:06:35 GMT
server
sffe
date
Tue, 02 Mar 2021 23:08:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 23:08:39 GMT
makeinfluence-300x250-5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/ Frame 6BD2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/makeinfluence-300x250-5.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d644fb09b66c9cfd3aa6f9d72ab92f05abf9430fc2c7be9e38a7ad3c3505a8c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
357270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2884
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 16:06:35 GMT
server
sffe
date
Tue, 02 Mar 2021 23:08:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 23:08:39 GMT
makeinfluence-300x250-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/ Frame 6BD2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17238692523308744704/makeinfluence-300x250-1.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a121acfef6f3c76e309c434d2536344c4c7b6a4474b1cdabfdf920f7ede25127
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
357270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3353
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 16:06:35 GMT
server
sffe
date
Tue, 02 Mar 2021 23:08:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 23:08:39 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 820E 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600|Roboto:900|Poppins:700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 10:13:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
age
58165
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Sun, 06 Mar 2022 10:13:44 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 820E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600|Roboto:900|Poppins:700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 03:20:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:17 GMT
server
sffe
age
342133
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15712
x-xss-protection
0
expires
Thu, 03 Mar 2022 03:20:56 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 820E 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600|Roboto:900|Poppins:700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 06:30:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
age
71558
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Sun, 06 Mar 2022 06:30:31 GMT
usync.html
eus.rubiconproject.com/ Frame 57CE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KLYJ6NQF-E-HJHK; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu/Q5+nOKR+svD2uDQurFUPJWkn8Q1yqng06zAJbpC9zOvGOFXJx/AX1DKVYI/iiF8/WWQzTX+vLxkA/aUD0yeA3YMc5xIUtDof1EQXOfYdkw80=; ses10=; vis10=245008^1; audit=1|hLZGFuTafB1TtNkck0QNqhSNte0ann5GfXNg2m3X6OnptdViNAAhxwvUTyA9ovyMHYhrUBLIn2g+/UJ4kF6/1D/8MtLNt/Ye7Le3TuAOy8Q=; pux=1512%3D97995%262249%3D97995%262307%3D97995%262974%3D97995%263778%3D97995%26idl%3D97995%26brx%3D97995%26goog%3D97995%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Mar 2021 02:23:13 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Sun, 07 Mar 2021 02:23:12 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
usr.undertone.com/userPixel/ Frame 47CD
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1464628836493193853
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1464628836493193853
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.157.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:09 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid
73ecfc49-5d6c-41d3-ab1f-860129a7abcb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1464628836493193853
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 47CD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=3415464f-4790-00d0-1156-3fa10c0c8a4b
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=3415464f-4790-00d0-1156-3fa10c0c8a4b
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.157.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=3415464f-4790-00d0-1156-3fa10c0c8a4b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 47CD
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e99e444-7eec-11eb-bc23-02ae808367ac
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-1IgDbpJ1l2ZC3slubNiVSZjScQcDfl8O~UP0e99e444-7eec-11eb-bc23-02ae808367ac
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-1IgDbpJ1l2ZC3slubNiVSZjScQcDfl8O~UP0e99e444-7eec-11eb-bc23-02ae808367ac
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.157.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sun, 07 Mar 2021 02:23:09 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-1IgDbpJ1l2ZC3slubNiVSZjScQcDfl8O~UP0e99e444-7eec-11eb-bc23-02ae808367ac
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame 47CD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=e1d875cd-72bc-4fe9-8414-488e29ed2798&ttl=1617675789
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=e1d875cd-72bc-4fe9-8414-488e29ed2798&ttl=1617675789
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.157.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=e1d875cd-72bc-4fe9-8414-488e29ed2798&ttl=1617675789
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame 47CD 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame 47CD
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1f54fcc36d628bfe6408e77a207fcd9b702a1cfa
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1f54fcc36d628bfe6408e77a207fcd9b702a1cfa
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.157.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:10 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1f54fcc36d628bfe6408e77a207fcd9b702a1cfa
Date
Sun, 07 Mar 2021 02:23:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
ThirdParty
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.198/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ Frame B31B 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.198/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 16:00:38 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 08 Mar 2021 05:52:19 GMT
ThirdParty
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.198/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ Frame A001 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.198/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 16:00:38 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 08 Mar 2021 05:52:19 GMT
story_2536785
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_iyCBIB1C/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_iyCBIB1C/story_2536785
Protocol
H2
Server
2.16.186.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-114.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.washingtontimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-max-age
86400
date
Sun, 07 Mar 2021 02:23:09 GMT
story_2536785
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_iyCBIB1C/ 		29 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_iyCBIB1C/story_2536785
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-114.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
f10f8963116cb67b19661d201df8f988a4cb0818864da9e868da2d279428913d

Request headers

x-spotim-device-uuid
669706bd-0e8f-45c8-9ba3-04470d8031ab
x-post-id
story_2536785
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_iyCBIB1C
x-spotim-page-view-id
0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
x-spotim-device-uuid
669706bd-0e8f-45c8-9ba3-04470d8031ab
access-control-max-age
86400
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfT1pBSE9VZEZvbDNoIiwiZGlzcGxheV9uYW1lIjoiUmVkRHVja3kiLCJ1c2VyX25hbWUiOiJSZWREdWNreSIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNSZWQtRHVja3kiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJyZXB1dGF0aW9uIjp7fSwic3BvdF9pZCI6InNwX2l5Q0JJQjFDIiwibGFzdF9jaGVjayI6MTYxNTA4Mzc4OSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTIxMDMwN29DZk95Zy5mODZkYzhlMjhmNjkxOWUyMGIxNzE4N2IwNzVjMzIyYWIwMTdiOTRjZjUzOGU1OTYxM2ZhZjk2ZTM1MGM2NDQ0IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkXzV2aVFSclZpNDhhQkE5TjMwZ09JIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNjQzNTA1Nzg5LCJzdWIiOiJ1X09aQUhPVWRGb2wzaCJ9.Bag3EBzEtguEcJ6qp44Vl0QVuRPkkhL2X20prAnnAOk
content-length
8153
x-spotim-token
01210307oCfOyg.f86dc8e28f6919e20b17187b075c322ab017b94cf538e59613faf96e350c6444
x-request-id
0efd09a4-7eec-11eb-a797-e6d9f892f21c
x-guid
669706bd-0e8f-45c8-9ba3-04470d8031ab
server
fasthttp
x-spotim-networkid
spotim
x-spotim-device-v2
d_5viQRrVi48aBA9N30gOI
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.washingtontimes.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid
player.js
player.aniview.com/script/6.1/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:286::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uyqzb8PHaPF5us5_Kn-Z06waBlXMwX03TERU6VzXvjjtUXiqajqnbaZ2TJfDc96wxMr63NzJSWBDvNxzAmY69sY1pLizw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9025
last-modified
Wed, 03 Feb 2021 11:37:40 GMT
server
UploadServer
etag
"c62d615dec6212a668f92693f93e2482"
vary
Accept-Encoding
x-goog-hash
crc32c=ZSnXwQ==, md5=xi1hXexiEqZo+SaT+T4kgg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1612352260380363
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9025
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 07 Mar 2021 02:28:09 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=5f327ef5712b6a63ae7736e5&e=playerLoaded&cb=1615083789207&r=https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
0.js
static-cdn.spot.im/production/analytics-pusher/tags/v1.2.1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/analytics-pusher/tags/v1.2.1/0.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
b47e5237075b356e0f05ca40422cb2a28ddcc3a57e831c816b159f53f31d8d1c

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
2594
expires
Tue, 08 Mar 2022 02:23:09 GMT
sp_iyCBIB1C
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ 		25 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_iyCBIB1C
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/broadcast/tags/v1.0.2/broadcast-fetcher-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-114.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
x-spotim-device-uuid
4e40c65f-45e5-4592-9108-67f9b9454e3d
x-guid
4e40c65f-45e5-4592-9108-67f9b9454e3d
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.washingtontimes.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid
content-length
25
x-request-id
0efd8468-7eec-11eb-bffe-f6d3e1402feb
si
googleads.g.doubleclick.net/pagead/drt/ Frame D822
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
156 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
URL: https://ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmkS_ZZOqlDTqqrVi539hbP0onBkLi9BoxZQTJ4LTs-LGowmRY2ZGH5dsLm0mI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 02:23:09 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 07-Mar-2021 03:23:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 02:23:09 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 02:23:09 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
makeinfluence-728x80-4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/ Frame 1A3C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/makeinfluence-728x80-4.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01c15d8d32b9d4215bb6f84980b96ede0bcc99f76cd9153edb606213c2414555
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
241060
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2751
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 16:06:36 GMT
server
sffe
date
Thu, 04 Mar 2021 07:25:29 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 07:25:29 GMT
makeinfluence-728x80-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/ Frame 1A3C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/makeinfluence-728x80-3.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0f9de106a74e4ef33b5107fb2217d841a582d58a5e686fa33d5035f00c57895
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
107119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3340
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 16:06:36 GMT
server
sffe
date
Fri, 05 Mar 2021 20:37:50 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 20:37:50 GMT
makeinfluence-728x80-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/ Frame 1A3C 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/makeinfluence-728x80-2.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4926af5d480e8012ac635b132536464330e4fb73257922380a9b2a13068fa22c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
330086
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3446
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 16:06:36 GMT
server
sffe
date
Wed, 03 Mar 2021 06:41:43 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Mar 2022 06:41:43 GMT
makeinfluence-728x80-5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/ Frame 1A3C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7416904685967114240/makeinfluence-728x80-5.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c26cc7a5adcfbeab3c5efad4c4055f4e5e79426a618888a1b5475aefb4b448b2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
355844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3327
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 16:06:36 GMT
server
sffe
date
Tue, 02 Mar 2021 23:32:25 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 23:32:25 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
usync.html
eus.rubiconproject.com/ Frame 8CBC 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=dk
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KLYJ6NQF-E-HJHK; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu/Q5+nOKR+svD2uDQurFUPJWkn8Q1yqng06zAJbpC9zOvGOFXJx/AX1DKVYI/iiF8/WWQzTX+vLxkA/aUD0yeA3YMc5xIUtDof1EQXOfYdkw80=; ses10=; vis10=245008^1; audit=1|hLZGFuTafB1TtNkck0QNqhSNte0ann5GfXNg2m3X6OnptdViNAAhxwvUTyA9ovyMHYhrUBLIn2g+/UJ4kF6/1D/8MtLNt/Ye7Le3TuAOy8Q=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Mar 2021 02:23:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame A001 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9738373257ba8c3223de6e50a3fb31603d78e2837c9a5d63ba4875fd6d21e79d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame 88F9 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=dk
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KLYJ6NQF-E-HJHK; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu/Q5+nOKR+svD2uDQurFUPJWkn8Q1yqng06zAJbpC9zOvGOFXJx/AX1DKVYI/iiF8/WWQzTX+vLxkA/aUD0yeA3YMc5xIUtDof1EQXOfYdkw80=; ses10=; vis10=245008^1; audit=1|hLZGFuTafB1TtNkck0QNqhSNte0ann5GfXNg2m3X6OnptdViNAAhxwvUTyA9ovyMHYhrUBLIn2g+/UJ4kF6/1D/8MtLNt/Ye7Le3TuAOy8Q=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Mar 2021 02:23:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame B31B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1d5cff7604ee24a61f15e2528016de79359d541493c834c8b4a35e6645054eb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
hb.spotim.market/geo/ Frame 254A 		133 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/wrapper_hb_270443_241.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
41a323aebc3859f6f1a306dfb986406202ef6742023dfb0df94bad0c4ba25de6

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.washingtontimes.com
Date
Sun, 07 Mar 2021 02:23:10 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
133
Content-Type
application/json
tracking
hb.spotim.market/adunit/ Frame 254A 		43 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=241&full_page_url=https%3A%2F%2Fwww.washingtontimes.com&adid=yj6rnm.ba&vpbv=0745&lifecycle_tte=1462
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/wrapper_hb_270443_241.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.washingtontimes.com
Date
Sun, 07 Mar 2021 02:23:09 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 254A 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee9a9d7e3b40a4af93a5a79da5f7d62f303e9dea244621b1d564bba5cad163ea

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:12:02 GMT
content-encoding
br
last-modified
Sun, 07 Mar 2021 01:32:19 GMT
server
AmazonS3
age
668
etag
W/"6e23119fda76949edbfb567543899b84"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Px8rGj3qg0AuClosva4IHXDd3hX8_THQ
via
1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
ZAG50-C1
content-type
text/javascript
x-amz-cf-id
mWDE8trVUFVmC3aqZToNiMjvk2iHFYtMAq2nTa8zgZdeQRC298wTXg==
view
securepubads.g.doubleclick.net/pcs/ Frame B31B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstatcW2G7yIoLDPB_USPAhaUpJryXQAteGWI4X25Xs0Dtiaa2R6s8B2kpLBEmuVx5viG-xwnOdPK9ho2Novx40LTugQG9yF4p96jSKbw8yJdG1jhlu1kZ91_s9oZp1Uvc24UMP3xOBKMdEldyDxFV-7gcJxTx5VkNlR91kQVZtvofhvRGrpqM30B-kTVmIKX4TM4BMOmfDiGpD0u0Id2a_dbZzxxrnnFC3QGjNzORmEwH9Vg8tIXijKSaJpe-Zi3nVlW1gNUIRcUrmWAFgf04LAxEwB-YUDZ-5QoVbPdZ0bRLyFCz8Zpm5BRZCzGEPC1CG7xWIIk1Q6A&sig=Cg0ArKJSzGi1Wh-oB501EAE&urlfix=1&adurl=
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A001 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy0Uxlaa3xHQuvxbFYvs-iGiAsmNvf2aa-GshdhsXx3jaXS2Wc0Tp2pu_1tvg4wpabVxHKg454dYX6jbQqq53QO1T3u3FA4TH9KAkNaZFoiGE3heM4_ZXiqVJ09kZnsjrlRS2qm2-t1j_QUYnec68rpsS5CiVeVmDGn9Xbs53Q0jpR3AV6ApdPxzpBZTdkgqNn1n0kwJvK3617nq0xlB44vzBbC286v2AHGQG2YNc4iFa_8Jol2INot7ALTnjW8X9Js5RJUZ3n9Jj67vT0I1keBVQpJEAGM8flKB5ixHwwo1Bn3j3pzy8PTJuLohNYfWPTRzDiIZI&sig=Cg0ArKJSzMib5ocHYpCLEAE&urlfix=1&adurl=
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:09 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame AC56 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=55832
Expires
Sun, 07 Mar 2021 17:53:41 GMT
Date
Sun, 07 Mar 2021 02:23:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
j.html
p.appixcdn.com/prebidlink/18693/ Frame 1C81 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.appixcdn.com/prebidlink/18693/j.html?i=6963
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

:method
GET
:authority
p.appixcdn.com
:scheme
https
:path
/prebidlink/18693/j.html?i=6963
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:10 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 16 Sep 2020 14:50:15 GMT
etag
W/"5f622627-434"
cache-control
max-age=3600
content-encoding
gzip
expires
Sun, 07 Mar 2021 03:23:10 GMT
access-control-allow-origin
*
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 254A 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.washingtontimes.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/hb_270443_241.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
5fb72780007bce7b17f4ef81e784aee168b910a905f99ab490c23b98fc86b96f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
last-modified
Sun, 07 Mar 2021 00:02:06 GMT
server
nginx
etag
W/"604417fe-82f"
content-type
application/json
access-control-allow-origin
https://www.washingtontimes.com
expires
Sun, 07 Mar 2021 03:23:09 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
crum
dsum-sec.casalemedia.com/ Frame 2948
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEQ5DOXDLEHXvkPbcd.ClQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDqeJgyPGlXNrzYwd-dkZoI&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDqeJgyPGlXNrzYwd-dkZoI&google_cver=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 07 Mar 2021 02:23:14 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDqeJgyPGlXNrzYwd-dkZoI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2948
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEHANlgl3ohNFCX9kQrGmIOw&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEHANlgl3ohNFCX9kQrGmIOw&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 07 Mar 2021 02:23:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEHANlgl3ohNFCX9kQrGmIOw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2948
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:13 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:12 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2948 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&gdpr=1&cm_dsp_id=70&cm_user_id=YEQ5DOXDLEHXvkPbcd.ClQAA
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 2948 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 2948
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05f62204275fbcf4653ce22a&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05f62204275fbcf4653ce22a&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 07 Mar 2021 02:23:16 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05f62204275fbcf4653ce22a&expiration=[EXPIRATION]&gdpr=1
Date
Sun, 07 Mar 2021 02:23:16 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
crum
dsum-sec.casalemedia.com/ Frame 2948
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9B22640F01CB42CB8B2DC173A2B39BAB&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9B22640F01CB42CB8B2DC173A2B39BAB&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 07 Mar 2021 02:23:14 GMT

Redirect headers

date
Sun, 07 Mar 2021 02:23:11 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9B22640F01CB42CB8B2DC173A2B39BAB&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 06 Mar 2021 02:23:11 GMT
YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2948 		43 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
csync
sync.spotim.market/ Frame 2948 		86 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=301804&extuid=YEQ5DOXDLEHXvkPbcd.ClQAA%26203
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif
converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.css
cloud.cavai.com/css/converses/ Frame FA62 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.cavai.com/css/converses/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.css?bust=1615083788985
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b74adbd7895b438c9cbd370015885ce41373c9c012847458efd8b28632d870d9

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
cf-cache-status
HIT
age
11393
x-powered-by
Express
cf-request-id
08ac17f5110000c2bd643f5000000001
last-modified
Mon, 01 Mar 2021 17:16:33 GMT
server
cloudflare
etag
W/"4b9f-177eecaa35d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
62c05c34ee7bc2bd-FRA
expires
Sun, 07 Mar 2021 06:23:09 GMT
converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js
cloud.cavai.com/js/converses/iframes/ Frame FA62 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788985
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4febd1d11ff0258aabab8d42e40c23fd10fc97565bed2cdfa28d732671cdf08c

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
cf-cache-status
UPDATING
last-modified
Mon, 01 Mar 2021 17:16:33 GMT
server
cloudflare
age
9757
etag
W/"603d2171-35216"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
62c05c34ee7ec2bd-FRA
cf-request-id
08ac17f5120000c2bd702ae000000001
expires
Sun, 07 Mar 2021 06:23:09 GMT
converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.css
cloud.cavai.com/css/converses/ Frame 05E4 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.cavai.com/css/converses/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.css?bust=1615083788988
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b74adbd7895b438c9cbd370015885ce41373c9c012847458efd8b28632d870d9

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
cf-cache-status
HIT
age
11393
x-powered-by
Express
cf-request-id
08ac17f5120000c2bd8f13a000000001
last-modified
Mon, 01 Mar 2021 17:16:33 GMT
server
cloudflare
etag
W/"4b9f-177eecaa35d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
62c05c34ee7dc2bd-FRA
expires
Sun, 07 Mar 2021 06:23:09 GMT
converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js
cloud.cavai.com/js/converses/iframes/ Frame 05E4 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788988
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4febd1d11ff0258aabab8d42e40c23fd10fc97565bed2cdfa28d732671cdf08c

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 01 Mar 2021 17:16:33 GMT
server
cloudflare
etag
W/"603d2171-35216"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
62c05c34ee7fc2bd-FRA
cf-request-id
08ac17f5120000c2bd6d08d000000001
expires
Sun, 07 Mar 2021 06:23:09 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame FE63 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:286::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uyoa6bTl5u-26nu2iIwCymzVwAZDl7PAKSYWCfkf0_LDzmjfQht3pTbPm9P2SzQEBA2Eq7QHxsHV-v4QxyXT50
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95778
last-modified
Wed, 24 Feb 2021 08:53:38 GMT
server
UploadServer
etag
"06ac451dcb93e2560f9563c8286b920c"
vary
Accept-Encoding
x-goog-hash
crc32c=8jEwgw==, md5=BqxFHcuT4lYPlWPIKGuSDA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156818658566
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95778
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 07 Mar 2021 02:28:09 GMT
converse_imgs_1613655426214.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_1613655426214.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/css/converses/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.css?bust=1615083788985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1264b931fbd9f3fbf76fb380cd1cac24d487959da644d152b0a608179e0e6a25

Request headers

Referer
https://cloud.cavai.com/css/converses/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.css?bust=1615083788985
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 18 Feb 2021 13:37:06 GMT
content-length
79951
cf-request-id
08ac17f5720000c2bd643f6000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d82-1384f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c358ea7c2bd-FRA
expires
Sun, 07 Mar 2021 06:23:09 GMT
converse_imgs_1613655426214.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_1613655426214.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/css/converses/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.css?bust=1615083788988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1264b931fbd9f3fbf76fb380cd1cac24d487959da644d152b0a608179e0e6a25

Request headers

Referer
https://cloud.cavai.com/css/converses/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.css?bust=1615083788988
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
cf-cache-status
UPDATING
age
9757
last-modified
Thu, 18 Feb 2021 13:37:06 GMT
content-length
79951
cf-request-id
08ac17f5730000c2bd8f13b000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d82-1384f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c358ea8c2bd-FRA
expires
Sun, 07 Mar 2021 06:23:09 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AC56 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
56ed60d1cbe184c373041929f6236fc67eb233f9c0c19ad8208d2da96c73d528

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:08 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.washingtontimes.com&sn=&cd1=sp_iyCBIB1C&cd2=Desktop&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&ic=0&tgt=0&app=&wi=400&he=300&test=&apppkg=&fv=3&proto=https&pid=5e0e296628a061270b21ccab&cid=5f327ef5712b6a63ae7736e5&e=inventory&vi=0&cb=1615083789786
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
pagead2.googlesyndication.com/bg/ Frame DC57 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
112514
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5600
x-xss-protection
0
expires
Sat, 05 Mar 2022 19:07:55 GMT
/
go1.aniview.com/api/adserver/tag/ 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=1615083789820
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.93.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
29f9f805f765de6086e3ada4a6e0eb59714ae31fb6b447e800f9339357dc40d5

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:31 GMT
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
usersync.aspx
dis.criteo.com/dis/ Frame 58C8 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 07 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1185
x-powered-by
ASP.NET
date
Sun, 07 Mar 2021 02:23:09 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 9CA3
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9215194089315272675
42 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9215194089315272675
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156758:2; KADUSERCOOKIE=D3D14F32-36CD-4416-B829-D45C55888FE8; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1616371200%3A35%7C1616284800%3A161_204_5_56_54_3_165_13_99_21_166_22_78_88_176_189_220_7_71_8_81_222_55%7C1615680000%3A67_2_15_223%7C1617667200%3A203%7C1615939200%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sun, 07 Mar 2021 02:23:10 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_336=5844-9215194089315272675; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 02:23:10 GMT; path=/ PugT=1615083790; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 02:23:10 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 02:23:10 GMT; path=/
X-lat
Pug23046:0:251
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9215194089315272675
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 9AAE 		43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.70.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sun, 07 Mar 2021 02:23:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame FE24
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936732122777254029
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936732122777254029
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_391=22924-5384953386480437165; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&16736-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23019-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23114-uid:947b6044-390a-4800-803f-30e22cd69a94; KRTBCOOKIE_22=14911-8263388018784814492; KRTBCOOKIE_377=6810-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&22918-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&23031-e1d875cd-72bc-4fe9-8414-488e29ed2798; KRTBCOOKIE_218=22978-YEQ5EQAAAG4Duizr&KRTB&23194-YEQ5EQAAAG4Duizr&KRTB&23209-YEQ5EQAAAG4Duizr&KRTB&23244-YEQ5EQAAAG4Duizr; KRTBCOOKIE_1074=22956-e_6c4023b5-ec99-4d47-91b5-b3cf6ccdf999; KRTBCOOKIE_466=16530-48398044-6b02-43b6-ac81-2c942856e6f5; PugT=1615083802
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 02:23:25 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6936732122777254029; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 02:23:25 GMT; path=/ PugT=1615083805; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 02:23:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 02:23:25 GMT; path=/
X-lat
lhrpug020:0:373
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 07 Mar 2021 02:23:25 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6936732122777254029; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936732122777254029
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 5F7E
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=DIYWibop2RXAtFaRhf87Wbdv
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=DIYWibop2RXAtFaRhf87Wbdv
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_391=22924-5384953386480437165; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&16736-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23019-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23114-uid:947b6044-390a-4800-803f-30e22cd69a94; KRTBCOOKIE_22=14911-8263388018784814492; KRTBCOOKIE_377=6810-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&22918-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&23031-e1d875cd-72bc-4fe9-8414-488e29ed2798; KRTBCOOKIE_218=22978-YEQ5EQAAAG4Duizr&KRTB&23194-YEQ5EQAAAG4Duizr&KRTB&23209-YEQ5EQAAAG4Duizr&KRTB&23244-YEQ5EQAAAG4Duizr; KRTBCOOKIE_1074=22956-e_6c4023b5-ec99-4d47-91b5-b3cf6ccdf999; KRTBCOOKIE_466=16530-48398044-6b02-43b6-ac81-2c942856e6f5; KRTBCOOKIE_1101=23040-6936732122777254029; PugT=1615083805
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 02:23:25 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-DIYWibop2RXAtFaRhf87Wbdv&KRTB&23212-DIYWibop2RXAtFaRhf87Wbdv; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 02:23:25 GMT; path=/ PugT=1615083805; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 02:23:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 02:23:25 GMT; path=/
X-lat
lhrpug013:0:335
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sun, 07 Mar 2021 02:23:25 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=DIYWibop2RXAtFaRhf87Wbdv; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=DIYWibop2RXAtFaRhf87Wbdv
strict-transport-security
max-age=0; includeSubDomains;
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame C37B
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2936490194
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2936490194
  • https://sync.1rx.io/usersync/tradedesk/96eb8459-8283-47a7-8f41-2ad0c236f9e1
  • https://sync.targeting.unrulymedia.com/csync/RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003
42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_391=22924-5384953386480437165; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&16736-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23019-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23114-uid:947b6044-390a-4800-803f-30e22cd69a94; KRTBCOOKIE_22=14911-8263388018784814492; KRTBCOOKIE_377=6810-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&22918-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&23031-e1d875cd-72bc-4fe9-8414-488e29ed2798; KRTBCOOKIE_218=22978-YEQ5EQAAAG4Duizr&KRTB&23194-YEQ5EQAAAG4Duizr&KRTB&23209-YEQ5EQAAAG4Duizr&KRTB&23244-YEQ5EQAAAG4Duizr; KRTBCOOKIE_1074=22956-e_6c4023b5-ec99-4d47-91b5-b3cf6ccdf999; KRTBCOOKIE_466=16530-48398044-6b02-43b6-ac81-2c942856e6f5; KRTBCOOKIE_1101=23040-6936732122777254029; PugT=1615083805; KRTBCOOKIE_409=22966-DIYWibop2RXAtFaRhf87Wbdv&KRTB&23212-DIYWibop2RXAtFaRhf87Wbdv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sun, 07 Mar 2021 02:23:25 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_594=17105-RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003&KRTB&17107-RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 02:23:25 GMT; path=/ PugT=1615083805; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 02:23:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 02:23:25 GMT; path=/
X-lat
Pug23024:0:324
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
Tengine
Date
Sun, 07 Mar 2021 02:23:25 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003%22%7D; path=/; expires=Mon, 07 Mar 2022 02:23:25 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003
ETag
RX77967e1de45d45a0a670a2ee83ed494b003
bridge
cm.adgrx.com/ Frame 1FAC 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sun, 07 Mar 2021 02:23:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 1E77
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
546 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aCnoeUO5nPp7PRodTFRpDY4bb12GaYAqNb8eV1fx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 07 Mar 2021 02:23:10 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=da74d1e5aceab54b98e5cc9a5acf0404f1615083790; expires=Tue, 06-Apr-21 02:23:10 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=amnseFy4ZawEBA9MAJPndXefDUyqNMUCfDb0tuV7EOBA7jnOUvJGrVApNDCliTwTAKjmSUe0OThYvnlntf7wW; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 02:23:10 GMT; SameSite=None; Secure; ANON_ID_old=amnseFy4ZawEBA9MAJPndXefDUyqNMUCfDb0tuV7EOBA7jnOUvJGrVApNDCliTwTAKjmSUe0OThYvnlntf7wW; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 02:23:10 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08ac17f73000004a923784f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62c05c384bc64a92-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sun, 07 Mar 2021 02:23:10 GMT
content-type
text/html
set-cookie
__cfduid=d125a1e5376be3f52d1c3b2822850e4fe1615083789; expires=Tue, 06-Apr-21 02:23:09 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aCnoeUO5nPp7PRodTFRpDY4bb12GaYAqNb8eV1fx; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 02:23:10 GMT; SameSite=None; Secure; ANON_ID_old=aCnoeUO5nPp7PRodTFRpDY4bb12GaYAqNb8eV1fx; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 02:23:10 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
426
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08ac17f67500004a924b2fb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62c05c372af74a92-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame F286
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=blKkuo6nwkdh&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=blKkuo6nwkdh&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_391=22924-5384953386480437165; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&16736-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23019-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23114-uid:947b6044-390a-4800-803f-30e22cd69a94; KRTBCOOKIE_22=14911-8263388018784814492; KRTBCOOKIE_377=6810-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&22918-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&23031-e1d875cd-72bc-4fe9-8414-488e29ed2798; KRTBCOOKIE_218=22978-YEQ5EQAAAG4Duizr&KRTB&23194-YEQ5EQAAAG4Duizr&KRTB&23209-YEQ5EQAAAG4Duizr&KRTB&23244-YEQ5EQAAAG4Duizr; KRTBCOOKIE_1074=22956-e_6c4023b5-ec99-4d47-91b5-b3cf6ccdf999; KRTBCOOKIE_466=16530-48398044-6b02-43b6-ac81-2c942856e6f5; KRTBCOOKIE_1101=23040-6936732122777254029; PugT=1615083805; KRTBCOOKIE_409=22966-DIYWibop2RXAtFaRhf87Wbdv&KRTB&23212-DIYWibop2RXAtFaRhf87Wbdv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 02:23:25 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 02:23:25 GMT; path=/
X-lat
lhrpug014:0:244
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-7bgcl
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=blKkuo6nwkdh&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=413d61eb6fb14d76; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame AC15
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=835515c1-11d7-4376-8030-a4700622c51f-tuct73dbe8d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=835515c1-11d7-4376-8030-a4700622c51f-tuct73dbe8d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=835515c1-11d7-4376-8030-a4700622c51f-tuct73dbe8d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=835515c1-11d7-4376-8030-a4700622c51f-tuct73dbe8d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sun, 07 Mar 2021 02:23:10 GMT
via
1.1 varnish
x-served-by
cache-fra19154-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1615083790.093391,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=835515c1-11d7-4376-8030-a4700622c51f-tuct73dbe8d;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 07-Mar-2022 02:23:09 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=835515c1-11d7-4376-8030-a4700622c51f-tuct73dbe8d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sun, 07 Mar 2021 02:23:10 GMT
via
1.1 varnish
x-served-by
cache-hhn11563-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1615083790.938674,VS0,VE62
x-vcl-time-ms
62
content-length
0
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame AF5E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPZgl6Pa1LiJ4E5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPZgl6Pa1LiJ4E5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1615083794; KTPCACOOKIE=YES; pi=156758:2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 02:23:17 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:FPZgl6Pa1LiJ4E5; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 02:23:17 GMT; path=/ PugT=1615083797; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 02:23:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 02:23:17 GMT; path=/
X-lat
lhrpug016:0:464
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sun, 07 Mar 2021 02:23:16 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPZgl6Pa1LiJ4E5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-05a1c1cf6bbf9fe9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=FPZgl6Pa1LiJ4E5; Domain=.w55c.net; Expires=Thu, 07-Apr-2022 02:23:17 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Tue, 06-Apr-2021 02:23:17 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
check
pixel.tapad.com/idsync/ex/receive/ Frame C6BA
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=92706965&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1615083797486; TapAd_DID=13d240e5-7eec-11eb-afe8-5a9a02d33f5c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 07 Mar 2021 02:23:17 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Sun, 07 Mar 2021 02:23:17 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1615083797486;Expires=Thu, 06 May 2021 02:23:17 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=13d240e5-7eec-11eb-afe8-5a9a02d33f5c;Expires=Thu, 06 May 2021 02:23:17 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set csync
sync.spotim.market/ Frame E699 		86 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=D3D14F32-36CD-4416-B829-D45C55888FE8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.spotim.market
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=33ae5e61fb4bc357; a271858=1464628836493193853
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
VertaMedia 1.0
Date
Sun, 07 Mar 2021 02:23:09 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=33ae5e61fb4bc357; expires=Sat, 08 May 2021 02:23:10 GMT; domain=.spotim.market; path=/; secure; SameSite=None a281178=D3D14F32-36CD-4416-B829-D45C55888FE8; expires=Sat, 08 May 2021 02:23:10 GMT; domain=.spotim.market; path=/; secure; SameSite=None
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC56
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=09FPMjbNRBa4KdRcVYiP6A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=60614
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 07 Mar 2021 19:13:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame AC56 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=D3D14F32-36CD-4416-B829-D45C55888FE8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62c05c373b9b4a79-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08ac17f67f00004a7909170000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame AC56
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D3D14F32-36CD-4416-B829-D45C55888FE8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D3D14F32-36CD-4416-B829-D45C55888FE8&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D3D14F32-36CD-4416-B829-D45C55888FE8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:25 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:25 GMT
frontend-id
5
location
/pubmatic/1/info2?sType=sync&sExtCookieId=D3D14F32-36CD-4416-B829-D45C55888FE8&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D3D14F32-36CD-4416-B829-D45C55888FE8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D3D14F32-36CD-4416-B829-D45C55888FE8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D3D14F32-36CD-4416-B829-D45C55888FE8&addseg=29
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D3D14F32-36CD-4416-B829-D45C55888FE8&addseg=29
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:25 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sun, 07 Mar 2021 02:23:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D3D14F32-36CD-4416-B829-D45C55888FE8&addseg=29
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDNEMTRGMzItMzZDRC00NDE2LUI4MjktRDQ1QzU1ODg4RkU4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:11 GMT
X-lat
lhrpug013:0:375
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDQIJ5xD1jRQ5LV-f2HAWc0&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDQIJ5xD1jRQ5LV-f2HAWc0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:11 GMT
X-lat
lhrpug018:0:419
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDQIJ5xD1jRQ5LV-f2HAWc0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame AC56 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 06 Mar 2021 02:23:11 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5384953386480437165
42 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5384953386480437165
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:17 GMT
X-lat
lhrpug017:0:467
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:09 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5384953386480437165
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:947b6044-390a-4800-803f-30e22cd69a94&gdpr=0&gdpr_consent=
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:947b6044-390a-4800-803f-30e22cd69a94&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:16 GMT
X-lat
Pug23036:0:250
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sun, 07 Mar 2021 02:23:09 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:947b6044-390a-4800-803f-30e22cd69a94&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 07 Mar 2021 02:23:08 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1d875cd-72bc-4fe9-8414-488e29ed2798
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1d875cd-72bc-4fe9-8414-488e29ed2798
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:15 GMT
X-lat
Pug23029:0:295
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1d875cd-72bc-4fe9-8414-488e29ed2798
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1464628836493193853&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1464628836493193853&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:11 GMT
X-lat
lhrpug004:0:528
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:09 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid
1a4c387c-d6a5-406a-a8a9-245a7c699592
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1464628836493193853&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D3D14F32-36CD-4416-B829-D45C55888FE8&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HclQy9B1l2InULCFknP7eBP9ftPJ8o0-&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HclQy9B1l2InULCFknP7eBP9ftPJ8o0-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sun, 07 Mar 2021 02:23:14 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Sun, 07 Mar 2021 02:23:09 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HclQy9B1l2InULCFknP7eBP9ftPJ8o0-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
D3D14F32-36CD-4416-B829-D45C55888FE8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AC56 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D3D14F32-36CD-4416-B829-D45C55888FE8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8263388018784814492&gdpr=0&gdpr_consent=&us_privacy=
1 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8263388018784814492&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:16 GMT
X-lat
Pug23030:0:289
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8263388018784814492&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 07 Mar 2021 02:23:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1h9KP9MWTjPNSko7gh1Tb9IXRm3NFhpo1xhctjy8
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1h9KP9MWTjPNSko7gh1Tb9IXRm3NFhpo1xhctjy8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:10 GMT
X-lat
Pug23038:0:297
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1h9KP9MWTjPNSko7gh1Tb9IXRm3NFhpo1xhctjy8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=09a7c9b0a6b54fc88bbcb2378f686efd&ssp=pubmatic&bsw_param=0bb0d2bf-9b98-437f-ab1c-0e86342894db&gdpr=0&consent=&gdpr_pd=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=354&user_id=09a7c9b0a6b54fc88bbcb2378f686efd&ssp=pubmatic&bsw_param=0bb0d2bf-9b98-437f-ab1c-0e86342894db&gdpr=0&consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=48398044-6b02-43b6-ac81-2c942856e6f5&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=48398044-6b02-43b6-ac81-2c942856e6f5&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:22 GMT
X-lat
Pug23043:0:341
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=48398044-6b02-43b6-ac81-2c942856e6f5&gdpr=0&gdpr_consent=&gdpr_pd=
date
Sun, 07 Mar 2021 02:23:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEQ5EQAAAG4Duizr&gdpr=0&gdpr_consent=&_test=YEQ5EQAAAG4Duizr
1 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEQ5EQAAAG4Duizr&gdpr=0&gdpr_consent=&_test=YEQ5EQAAAG4Duizr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:17 GMT
X-lat
Pug23025:0:283
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615083794.934009,VS0,VE0
x-served-by
cache-hhn4059-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEQ5EQAAAG4Duizr&gdpr=0&gdpr_consent=&_test=YEQ5EQAAAG4Duizr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:11 GMT
X-lat
lhrpug001:0:494
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:11 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame AC56 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D3D14F32-36CD-4416-B829-D45C55888FE8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:09 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d2e7e4db-65ce-41ae-80f4-07340cdd1b33&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d2e7e4db-65ce-41ae-80f4-07340cdd1b33&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:18 GMT
X-lat
lhrpug011:0:391
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d2e7e4db-65ce-41ae-80f4-07340cdd1b33&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 07 Mar 2021 02:23:18 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1464628836493193853
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1464628836493193853
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:17 GMT
X-lat
lhrpug006:0:332
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:13 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid
3d433327-d8da-4276-b78a-438f41c4173e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1464628836493193853
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AC56
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_6c4023b5-ec99-4d47-91b5-b3cf6ccdf999
42 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_6c4023b5-ec99-4d47-91b5-b3cf6ccdf999
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:16 GMT
X-lat
Pug23047:0:245
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_6c4023b5-ec99-4d47-91b5-b3cf6ccdf999
date
Sun, 07 Mar 2021 02:23:14 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
gen_204
pagead2.googlesyndication.com/pagead/ Frame B35D 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=81111569845521&bg=!TE-lTwzNAAWsVXnBrDsAKQB2-DxaW00s5FVJXW_-Kc2kNtDerDPDCCQSYn8AC0S1iyaG7NVgmUaxAgAAAM5SAAAAIGgBBwoAX-uL1rZXDnVQXZPG1_ritK3mht-RPaJA-ad8XLByQ837VBMjzXcZ_rrudCanw24a28kpYWC9C9JCKe1UTFfRNjm_jiQ6RdwERHZOu7OAxRhNfHJ0OiwQGCyov_SeLMAqmQI2zUngiPAT67z__O2Nw_JXOw2Wvqlbrl7QZDHqaBpQUDxJgMu8Lgq908vWTfLQNIz-t0-gjFIKdvnV648wbeAGA6UBxSbDmnmHBVxPXwYZcublm4LM2PzgPenekBCsWx6kAOzfPWIn43DCXlyK3s6_bwb5_K5ZzPl9WuZS_JHfalkq_rWr2B0Oav2oLAwNTK1JHKuAdQfqXYz2DyqUqHXPZ4Y6jfmbB0PG0xAVXvN3hSL87vVFtIK8tcaxxZX-pdk5JbwhWNiy6i01Ppq89u0NJMLCQdiNKFwjxiQNbCNS65WWs0nxJ3j3TWbVfq_cW8qWX1h2Tyjom6XLH1ebUNmDtXGzqvoqumcabpB76Zq4cMZlpvNRXaVShSxlnvarqcoCd0GzEAem_Jc35qi122VC6FLVFT7ffnXF9hMpPsZfoxIpggu6c3-lrp_PjtkesFRqnDq9KeR9Ru_ikt3vG8YQg72uUtEldBGw3_M6KHJU51PBVjmg8ACBxoEwg-x_Y3-A17pOzHkB8SIYYNkuacZsbPtptUZFdbxj66vUgIoSpb79UU3lVBvIVOwInnQHOzbKm2mZqpy4l7G0h80-eKASCmS2Rt4H7W20RAznwwJeHYCFeZyEQ0ylBB9hpXuRxOC-hq44o0SZbOQb0cp305lqfXEALvgQDZ-xstJVmPBoxPOxgWbAAO6rdD906olPXV5dsCCyAFkQdEvrZx4UsnSHbHwZBsFoWE7IGh9dOER_KWxpMqRdvLw
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8CBC 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=dk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=dk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9420
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Sun, 07 Mar 2021 05:00:10 GMT
usync.js
eus.rubiconproject.com/ Frame 88F9 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=dk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=dk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9420
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Sun, 07 Mar 2021 05:00:10 GMT
v1
analytics-1.cavai.com/edge/collector/ Frame 05E4 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-1.cavai.com/edge/collector/v1?campaign_id=1208&creative_id=6407&session_id=7eb18552-6bb1-4178-b1b6-fdaea1a0e647
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cloud.cavai.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
62c05c3b09ae4ed9-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-request-id
08ac17f8e600004ed9748e9000000001
v1
analytics-1.cavai.com/edge/collector/ Frame FA62 		0
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-1.cavai.com/edge/collector/v1?campaign_id=1208&creative_id=6407&session_id=4076b457-a46f-4e7a-81b0-402a10e1c23a
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cloud.cavai.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
62c05c3b19b94ed9-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-request-id
08ac17f8f200004ed95b36a000000001
tap.php
pixel.rubiconproject.com/ Frame 8CBC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/07cyBqjZ9ClF5yIb-l2b2A?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2431745423828351792
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2431745423828351792
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

date
Sun, 07 Mar 2021 02:23:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2431745423828351792
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 8CBC 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:10 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 8CBC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=947b6044-390a-4800-803f-30e22cd69a94
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=947b6044-390a-4800-803f-30e22cd69a94
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

Date
Sun, 07 Mar 2021 02:23:10 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=947b6044-390a-4800-803f-30e22cd69a94
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 07 Mar 2021 02:23:09 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 8CBC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 8CBC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLYJ6NQF-E-HJHK&sigv=1&esig=2~ebf90c5918bfd3b4928bfd25f3f90cdc773fde7e&us_privacy=1---
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLYJ6NQF-E-HJHK&sigv=1&esig=2~ebf90c5918bfd3b4928bfd25f3f90cdc773fde7e&us_privacy=1---
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:13 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLYJ6NQF-E-HJHK&sigv=1&esig=2~ebf90c5918bfd3b4928bfd25f3f90cdc773fde7e&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8CBC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xZSjZOUUYtRS1ISkhL&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xZSjZOUUYtRS1ISkhL&us_privacy=1---&google_tc=
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xZSjZOUUYtRS1ISkhL&us_privacy=1---&google_tc=
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xZSjZOUUYtRS1ISkhL&us_privacy=1---&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8CBC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YEQ5EQAAAKryAyrK
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEQ5EQAAAKryAyrK&us_privacy=1---&_test=YEQ5EQAAAKryAyrK
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEQ5EQAAAKryAyrK&us_privacy=1---&_test=YEQ5EQAAAKryAyrK
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615083794.053564,VS0,VE0
x-served-by
cache-hhn4059-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEQ5EQAAAKryAyrK&us_privacy=1---&_test=YEQ5EQAAAKryAyrK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 8CBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFnjK-tIga6p4D5AvzwUnjE&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFnjK-tIga6p4D5AvzwUnjE&google_cver=1
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFnjK-tIga6p4D5AvzwUnjE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbm_307825_6963.js
p.appixcdn.com/prebidlink/18693/ Frame 1C81 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.appixcdn.com/prebidlink/18693/pbm_307825_6963.js
Requested by
Host: p.appixcdn.com
URL: https://p.appixcdn.com/prebidlink/18693/j.html?i=6963
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
ff4a553485d64dc68694388a8ff51cfe6d18e9f50582d3e4e2894c2a1c77c383

Request headers

Referer
https://p.appixcdn.com/prebidlink/18693/j.html?i=6963
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:10 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 16:48:26 GMT
server
nginx
etag
W/"60410f5a-8900"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 07 Mar 2021 03:23:10 GMT
tracking
ghb.adtelligent.com/adunit/ Frame 1C81 		43 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fwww.washingtontimes.com&adid=1ed50de072ef52&vpbv=M052&client_id=307825&site_id=6963&lifecycle_tte=1165
Requested by
Host: p.appixcdn.com
URL: https://p.appixcdn.com/prebidlink/18693/pbm_307825_6963.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://p.appixcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.appixcdn.com
Date
Sun, 07 Mar 2021 02:23:10 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
csyncs
hb.spotim.market/ Frame 254A 		159 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/csyncs?aid1=537181&aid2=572165
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/wrapper_hb_270443_241.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
3ea534b0ca7d28e17ed8fc0633503b64fecbb4d710def5e081bff64b82f0218c

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.washingtontimes.com
Date
Sun, 07 Mar 2021 02:23:09 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
159
Content-Type
application/json; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 6230
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KLYJ6NQF-E-HJHK; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu/Q5+nOKR+svD2uDQurFUPJWkn8Q1yqng06zAJbpC9zOvGOFXJx/AX1DKVYI/iiF8/WWQzTX+vLxkA/aUD0yeA3YMc5xIUtDof1EQXOfYdkw80=; ses10=; vis10=245008^1; audit=1|hLZGFuTafB1TtNkck0QNqhSNte0ann5GfXNg2m3X6OnptdViNAAhxwvUTyA9ovyMHYhrUBLIn2g+/UJ4kF6/1D/8MtLNt/Ye7Le3TuAOy8Q=; pux=1512%3D97995%262249%3D97995%262307%3D97995%262974%3D97995%263778%3D97995%26idl%3D97995%26brx%3D97995%26goog%3D97995%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Mar 2021 02:23:13 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Date
Sun, 07 Mar 2021 02:23:12 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
collect
www.clarity.ms/eus2/ 		7 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.9/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:10 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
x-azure-ref
0DzlEYAAAAAAhtjyqXVHfTLnZ5+GMiHpDRlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
content-length
11
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.washingtontimes.com%2F&domain=www.washingtontimes.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.washingtontimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1178
date
Sun, 07 Mar 2021 02:23:10 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 254A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.washingtontimes.com%2F&domain=www.washingtontimes.com&cw=1
  • https://mug.criteo.com/sid?cpp=7yGAeXxpeEVEZDBrN0REQXJGSFJQT3FvUzRrdHlXb2VYR1ZYb2dmcnJXdVJPbytKQS9ONEVYNjkybEFpclIrMDNSTmFmOFlFWC95TDRCYlpGRVc2bzE5eVhMSW91Vzc0NCszemFSV3hPNURrNFg0azl0SjBQV21KWEM3eH...
347 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=7yGAeXxpeEVEZDBrN0REQXJGSFJQT3FvUzRrdHlXb2VYR1ZYb2dmcnJXdVJPbytKQS9ONEVYNjkybEFpclIrMDNSTmFmOFlFWC95TDRCYlpGRVc2bzE5eVhMSW91Vzc0NCszemFSV3hPNURrNFg0azl0SjBQV21KWEM3eHZ0cVhYek1CczFrOG9yQWg5dDJBcE1QMHViaXN6NDRaYTRGT1BOWTB1OFVncS9EaHNDdWFHUXZMa3dmSzFNdkJlaWpFcmU3TjVpMkxQckc3Y2t4Ym81TFFOYUtXVTl1M2RTcmxhUnVmN0NOWHhOZG4rU0RXK2l4QXNhQi92c05ZRlpDZVowZ0MvfA&cppv=2
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c137ab2ff8bb9e130e4348edbcfb75e16a0a7379b04b41ef1f525992280cedef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 07 Mar 2021 02:23:12 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2074
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 07 Mar 2021 02:23:10 GMT
location
https://mug.criteo.com/sid?cpp=7yGAeXxpeEVEZDBrN0REQXJGSFJQT3FvUzRrdHlXb2VYR1ZYb2dmcnJXdVJPbytKQS9ONEVYNjkybEFpclIrMDNSTmFmOFlFWC95TDRCYlpGRVc2bzE5eVhMSW91Vzc0NCszemFSV3hPNURrNFg0azl0SjBQV21KWEM3eHZ0cVhYek1CczFrOG9yQWg5dDJBcE1QMHViaXN6NDRaYTRGT1BOWTB1OFVncS9EaHNDdWFHUXZMa3dmSzFNdkJlaWpFcmU3TjVpMkxQckc3Y2t4Ym81TFFOYUtXVTl1M2RTcmxhUnVmN0NOWHhOZG4rU0RXK2l4QXNhQi92c05ZRlpDZVowZ0MvfA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3946
content-length
509
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 254A 		0
0
imp
g2.gumgum.com/hbid/ Frame 254A 		0
0
bid
ap.lijit.com/rtb/ Frame 254A 		0
0
/
ghb.adtelligent.com/v2/auction/ Frame 254A 		240 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/hb_270443_241.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
9e8f906a264dbaa19f933695fa95b73b70a32a8621055dc18cc6bed1ad9cc927

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 Mar 2021 02:23:10 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
157
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 254A 		0
0
arj
spot-im-d.openx.net/w/1.0/ Frame 254A 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=36a587fe-e378-4cb8-848a-1b5ad57afb64&nocache=1615083791128&pubcid=a01715e4-b7e4-41e1-bd0c-2e8003aa5aad&schain=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&aus=300x250%2C336x280%2C320x250&divIds=div-gpt-ad-1585492792385-0&auid=540934835
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/hb_270443_241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
919b7f4e42fefadf325849815670dbe40a93884523078ec4f7aa16632485db36

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:11 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.washingtontimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 254A 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.15.0-11&cb=66126797304
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/hb_270443_241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.washingtontimes.com
date
Sun, 07 Mar 2021 02:23:11 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 254A 		0
0
cygnus
htlb.casalemedia.com/ Frame 254A 		25 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22216bf48d8586a58%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_iyCBIB1C%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22226750aea4cfdd3%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22232d3ed64335e65%22%2C%22ext%22%3A%7B%22siteID%22%3A%22494467%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%222468a22c4598e33%22%2C%22ext%22%3A%7B%22siteID%22%3A%22539231%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2225ee51ab579ae7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22581365%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22226750aea4cfdd3%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22226750aea4cfdd3%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/hb_270443_241.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc1ea69d6354f627ab8f83d77f411ab099671b3452e7ebfcbb337a22e4b98ebc

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:11 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.washingtontimes.com
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
10
expires
Sun, 07 Mar 2021 02:23:11 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 254A 		0
0
bids
prebid-us.creativecdn.com/bidder/prebid/ Frame 254A 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 1C81 		0
0
cdb
bidder.criteo.com/ Frame 1C81 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22&cb=10921167212
Requested by
Host: p.appixcdn.com
URL: https://p.appixcdn.com/prebidlink/18693/pbm_307825_6963.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.appixcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://p.appixcdn.com
date
Sun, 07 Mar 2021 02:23:12 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid-request
onetag-sys.com/ Frame 1C81 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: p.appixcdn.com
URL: https://p.appixcdn.com/prebidlink/18693/pbm_307825_6963.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.appixcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://p.appixcdn.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
hb
ice.360yield.com/ Frame 1C81 		0
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1C81 		0
0
Cookie set usermatch
ssum.casalemedia.com/ Frame 5AB8 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b3f1909ae98b09d0e3993bb6ff6e344acb85988745396f935250ca05ccd7e525

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YEQ5DOXDLEHXvkPbcd.ClQAA; CMPS=656; CMPRO=203; CMRUM3=f16044390c05a00&0d6044390c05a0&276044390c0b40&496044390c05a00&e66044390c27600&2d6044390c05a0&5a6044390c05a0&2e6044390c05a0; CMST=YEQ5DGBEOQwA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|3|4|130|176|152|47|8
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1471
Expires
Sun, 07 Mar 2021 02:23:15 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:15 GMT
Connection
keep-alive
Set-Cookie
CMID=YEQ5DOXDLEHXvkPbcd.ClQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 07 Mar 2022 02:23:15 GMT CMPS=656;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 05 Jun 2021 02:23:15 GMT CMPRO=203;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 05 Jun 2021 02:23:15 GMT CMST=YEQ5DGBEORMA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Mar 2021 02:23:15 GMT CMRUM3=5a6044390c05a0&8260443913a8c0&2e6044390c05a0&986044391305a00&2f6044391305a0&046044391305a0&b06044391305a00&0d6044390c05a0&2d6044390c05a0&e66044390c27600&496044390c05a00&036044391305a0&ce6044391305a00&086044391305a00&f16044390c05a00&276044390c0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 07 Mar 2022 02:23:15 GMT
cookiesyncendpoint
sync.aniview.com/ Frame C62D
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=55&key=1464628836493193853
0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=55&key=1464628836493193853
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=55&key=1464628836493193853
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:13 GMT
content-length
0
set-cookie
aniC=1615083791111-946152166051-020961-014-006912; Path=/; Domain=aniview.com; Expires=Sun, 14 Mar 2021 02:23:13 GMT; Secure; SameSite=None 2_C_55=1464628836493193853; Path=/; Domain=aniview.com; Expires=Sun, 14 Mar 2021 02:23:13 GMT; Secure; SameSite=None 2_C_55=1464628836493193853; Path=/; Expires=Sun, 14 Mar 2021 02:23:13 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Sun, 07 Mar 2021 02:23:13 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=55&key=1464628836493193853
AN-X-Request-Uuid
64b8c211-268a-49b1-9d64-71d2f04a6b23
Set-Cookie
uuid2=1464628836493193853; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 05-Jun-2021 02:23:13 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.235:80
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A3A2 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D1%26key%3D
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156758:2; KADUSERCOOKIE=D3D14F32-36CD-4416-B829-D45C55888FE8; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1616371200%3A35%7C1616284800%3A161_204_5_56_54_3_165_13_99_21_166_22_78_88_176_189_220_7_71_8_81_222_55%7C1615680000%3A67_2_15_223%7C1617667200%3A203%7C1615939200%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=60614
Expires
Sun, 07 Mar 2021 19:13:29 GMT
Date
Sun, 07 Mar 2021 02:23:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
pixel.advertising.com/ups/58268/ Frame 6823 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.102.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
APID=UP0e99e444-7eec-11eb-bc23-02ae808367ac
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame 91ED
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D2%26key%3D%24S...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=2&key=0eab7120-7eec-11eb-a660-1a7ccaea0406
0
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=2&key=0eab7120-7eec-11eb-a660-1a7ccaea0406
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=2&key=0eab7120-7eec-11eb-a660-1a7ccaea0406
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:18 GMT
content-length
0
set-cookie
aniC=1615083791111-946152166051-020961-014-006912; Path=/; Domain=aniview.com; Expires=Sun, 14 Mar 2021 02:23:18 GMT; Secure; SameSite=None 2_C_2=0eab7120-7eec-11eb-a660-1a7ccaea0406; Path=/; Domain=aniview.com; Expires=Sun, 14 Mar 2021 02:23:18 GMT; Secure; SameSite=None 2_C_2=0eab7120-7eec-11eb-a660-1a7ccaea0406; Path=/; Expires=Sun, 14 Mar 2021 02:23:18 GMT; Secure; SameSite=None

Redirect headers

Server
nginx
Date
Sun, 07 Mar 2021 02:23:18 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=0eab7120-7eec-11eb-a660-1a7ccaea0406; expires=Mon, 07-Mar-2022 03:29:58 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=2&key=0eab7120-7eec-11eb-a660-1a7ccaea0406
X-fe
64
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
usync.html
eus.rubiconproject.com/ Frame 9B0D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.washingtontimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KLYJ6NQF-E-HJHK; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu/Q5+nOKR+svD2uDQurFUPJWkn8Q1yqng06zAJbpC9zOvGOFXJx/AX1DKVYI/iiF8/WWQzTX+vLxkA/aUD0yeA3YMc5xIUtDof1EQXOfYdkw80=; ses10=; vis10=245008^1; audit=1|hLZGFuTafB1TtNkck0QNqhSNte0ann5GfXNg2m3X6OnptdViNAAhxwvUTyA9ovyMHYhrUBLIn2g+/UJ4kF6/1D/8MtLNt/Ye7Le3TuAOy8Q=; pux=1512%3D97995%262249%3D97995%262307%3D97995%262974%3D97995%263778%3D97995%26idl%3D97995%26brx%3D97995%26goog%3D97995%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Mar 2021 02:23:13 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Date
Sun, 07 Mar 2021 02:23:12 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
cookiesyncendpoint
sync.aniview.com/ Frame 93AC
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D72%26pid%3D5e0e...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

date
Sun, 07 Mar 2021 02:23:13 GMT
content-length
0

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
content-length
0
date
Sun, 07 Mar 2021 02:23:11 GMT
server
AC1.1
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
tag
p4dt2-x71s7.ads.tremorhub.com/ad/ 		119 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-x71s7.ads.tremorhub.com/ad/tag?adCode=p4dt2-z1bwz&playerWidth=400&playerHeight=300&gdpr=1&gdpr_consent=&srcPageUrl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&floor=USD:6.875&cbb=5083791206
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:c38c:36a3:7af7:45e3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ae07da0b8bdaa74042237e5292bd98e9a7b4f6991843c1144757450b5573fd48

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:11 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083791207&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000343
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.007698
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:11 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004665
X-SpotX-Timing-Transform
0.000233
X-SpotX-Timing-SpotMarket
0.004665
X-fe
123
X-SpotX-Timing-Page-Misc
0.001268
Content-Length
76
X-SpotX-Timing-Page-Context
0.000359
Last-Modified
Sun, 07 Mar 2021 02:23:11 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000800
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
294849
search.spotxchange.com/vast/2.00/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083791208&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000286
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
X-SpotX-Timing-Page
0.007825
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:11 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000013
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000008
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004168
X-SpotX-Timing-Transform
0.000215
X-SpotX-Timing-SpotMarket
0.004168
X-fe
107
X-SpotX-Timing-Page-Misc
0.002558
Content-Length
76
X-SpotX-Timing-Page-Context
0.000358
Last-Modified
Sun, 07 Mar 2021 02:23:11 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000199
s2s
s2s.aniview.com/api/adserver/ 		0
0
avpb3.js
player.aniview.com/script/6.1/ Frame FE63 		261 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:286::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxo_USxqPpxAQGelmQbWsoWIAWQ3iErcidk15nSImRqSOBCcAfFRsLSCvfLsiiVeQN6Ejal2E644HKroopGP9TLrnzSlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
84286
last-modified
Wed, 24 Feb 2021 08:53:00 GMT
server
UploadServer
etag
"4b0d193eafdda7f38974bf68ea2e62a6"
vary
Accept-Encoding
x-goog-hash
crc32c=LGMRCg==, md5=Sw0ZPq/dp/OJdL9o6i5ipg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156780497939
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
84286
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 07 Mar 2021 02:28:11 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083791212&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5ff5a0750e21a04d8815e0f8%2C5ff59fe1afab27042d4fc189%2C5f0c277120c3067939487264%2C5f1827c70944ea2cfc6608d3%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5ff5a04a87d7dd1f47384ed7%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=7yGAeXxpeEVEZDBrN0REQXJGSFJQT3FvUzRrdHlXb2VYR1ZYb2dmcnJXdVJPbytKQS9ONEVYNjkybEFpclIrMDNSTmFmOFlFWC95TDRCYlpGRVc2bzE5eVhMSW91Vzc0NCszemFSV3hPNURrNFg0azl0SjBQV21KWEM3eHZ0cVhYek1CczFrOG9yQWg5dDJBcE1QMHViaXN6NDRaYTRGT1BOWTB1OFVncS9EaHNDdWFHUXZMa3dmSzFNdkJlaWpFcmU3TjVpMkxQckc3Y2t4Ym81TFFOYUtXVTl1M2RTcmxhUnVmN0NOWHhOZG4rU0RXK2l4QXNhQi92c05ZRlpDZVowZ0MvfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1831
date
Sun, 07 Mar 2021 02:23:12 GMT
content-encoding
gzip
vary
Accept-Encoding
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:11 GMT
X-SpotX-Timing-Transform
0.000227
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000314
X-fe
100
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007014
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000249
Last-Modified
Sun, 07 Mar 2021 02:23:11 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000798
X-SpotX-Timing-SpotMarket-Primary
0.004096
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.001299
X-SpotX-Timing-Page-Exception
0.000017
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004096
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
analytics-1.cavai.com/edge/collector/ Frame 05E4 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-1.cavai.com/edge/collector/v1?campaign_id=1208&creative_id=6407&session_id=7eb18552-6bb1-4178-b1b6-fdaea1a0e647
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cloud.cavai.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
62c05c40181d05c8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-request-id
08ac17fc0f000005c8c4017000000001
converse_imgs_161365538957416136543461201613378075247.png
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378075247.png
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dda05078e2a959d34ed466b901a28ef05fe3790e7fe6a3cd4ba6e25e9091d6c0

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
server
cloudflare
etag
"602e6d5d-78ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c402dfb9796-FRA
content-length
30957
cf-request-id
08ac17fc140000979621a32000000001
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378490881.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378490881.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c00325a58c44f8115ec00183df5dadbdbfbb9ac75c314c4bd5107e64a283fe0

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
42696
cf-request-id
08ac17fc16000097961714c000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a6c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c402dfd9796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378486543.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378486543.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65bf469492358ba34a82c58c7052ebe525d29c3de3f1ac9fc0ab55c0ab0bfa2b

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
44042
cf-request-id
08ac17fc15000097961714b000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-ac0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c402dfc9796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
v1
analytics-1.cavai.com/edge/collector/ Frame FA62 		0
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-1.cavai.com/edge/collector/v1?campaign_id=1208&creative_id=6407&session_id=4076b457-a46f-4e7a-81b0-402a10e1c23a
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cloud.cavai.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
62c05c40282705c8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-request-id
08ac17fc1a000005c87d0fc000000001
converse_imgs_161365538957416136543461201613378075247.png
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378075247.png
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dda05078e2a959d34ed466b901a28ef05fe3790e7fe6a3cd4ba6e25e9091d6c0

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
UPDATING
age
9757
content-length
30957
cf-request-id
08ac17fc1b00009796f707e000000001
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
server
cloudflare
etag
"602e6d5d-78ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c402dfe9796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378490881.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378490881.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c00325a58c44f8115ec00183df5dadbdbfbb9ac75c314c4bd5107e64a283fe0

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
UPDATING
age
9757
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
42696
cf-request-id
08ac17fc20000097960b95c000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a6c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c403dff9796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378486543.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378486543.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65bf469492358ba34a82c58c7052ebe525d29c3de3f1ac9fc0ab55c0ab0bfa2b

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
UPDATING
age
9757
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
44042
cf-request-id
08ac17fc21000097961a90a000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-ac0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c403e009796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378478024.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378478024.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c44242045dc39af8cabd69a1fb2e05614ef03a2002aebd1e2eef5f13fd72651

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
43178
cf-request-id
08ac17fc360000979610b68000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a8aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c405e059796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378473125.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378473125.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8537f15057d6c53be2a3e4c54c5cb10c9f319f93037fe8a4d0d9f699513763c

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
43382
cf-request-id
08ac17fc36000097960e2ca000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a976"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c405e069796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378486543.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378486543.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65bf469492358ba34a82c58c7052ebe525d29c3de3f1ac9fc0ab55c0ab0bfa2b

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
44042
cf-request-id
08ac17fc3f00009796e82d4000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-ac0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c406e079796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378486543.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378486543.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65bf469492358ba34a82c58c7052ebe525d29c3de3f1ac9fc0ab55c0ab0bfa2b

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
44042
cf-request-id
08ac17fc41000097960630e000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-ac0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c406e089796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378478024.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378478024.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c44242045dc39af8cabd69a1fb2e05614ef03a2002aebd1e2eef5f13fd72651

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
UPDATING
age
9757
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
43178
cf-request-id
08ac17fc41000097961e8c6000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a8aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c406e099796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378473125.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378473125.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8537f15057d6c53be2a3e4c54c5cb10c9f319f93037fe8a4d0d9f699513763c

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
UPDATING
age
9757
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
43382
cf-request-id
08ac17fc420000979608a39000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a976"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c406e0a9796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378490881.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378490881.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c00325a58c44f8115ec00183df5dadbdbfbb9ac75c314c4bd5107e64a283fe0

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
42696
cf-request-id
08ac17fc4200009796fe12e000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a6c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c406e0b9796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378490881.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378490881.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c00325a58c44f8115ec00183df5dadbdbfbb9ac75c314c4bd5107e64a283fe0

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
42696
cf-request-id
08ac17fc4200009796e7201000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a6c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c406e0c9796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378486543.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378486543.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65bf469492358ba34a82c58c7052ebe525d29c3de3f1ac9fc0ab55c0ab0bfa2b

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
44042
cf-request-id
08ac17fc650000979621a33000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-ac0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c40ae129796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378473125.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378473125.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8537f15057d6c53be2a3e4c54c5cb10c9f319f93037fe8a4d0d9f699513763c

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
43382
cf-request-id
08ac17fc65000097961d091000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a976"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c40ae139796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378478024.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378478024.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c44242045dc39af8cabd69a1fb2e05614ef03a2002aebd1e2eef5f13fd72651

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
43178
cf-request-id
08ac17fc6a000097961714d000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a8aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c40ae149796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378473125.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378473125.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8537f15057d6c53be2a3e4c54c5cb10c9f319f93037fe8a4d0d9f699513763c

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
43382
cf-request-id
08ac17fc6a00009796f707f000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a976"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c40ae159796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378478024.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame FA62 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378478024.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c44242045dc39af8cabd69a1fb2e05614ef03a2002aebd1e2eef5f13fd72651

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
43178
cf-request-id
08ac17fc6b000097960b95d000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a8aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c40ae169796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
converse_imgs_161365538957416136543461201613378473125.jpg
cloud.cavai.com/uploads/converse_imgs/ Frame 05E4 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cavai.com/uploads/converse_imgs/converse_imgs_161365538957416136543461201613378473125.jpg
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8537f15057d6c53be2a3e4c54c5cb10c9f319f93037fe8a4d0d9f699513763c

Request headers

Referer
https://cloud.cavai.com/api/converse/iframe?hash=1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:11 GMT
cf-cache-status
HIT
age
0
last-modified
Thu, 18 Feb 2021 13:36:29 GMT
content-length
43382
cf-request-id
08ac17fc89000097960e2cb000000001
cf-bgj
h2pri
server
cloudflare
etag
"602e6d5d-a976"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
62c05c40de1c9796-FRA
expires
Sun, 07 Mar 2021 06:23:11 GMT
st
capi.connatix.com/tr/ Frame C2D3 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=106673
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.204.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-204-105.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 07 Mar 2021 02:23:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
v2ghrC41FSNQliulEJUn6wAQWV6yAjn9I0tKpyQ-qqtux3nd3Taa8GKv9o6QLRGCt5cEPKCU
absorbingband.com/ 		216 B
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://absorbingband.com/v2ghrC41FSNQliulEJUn6wAQWV6yAjn9I0tKpyQ-qqtux3nd3Taa8GKv9o6QLRGCt5cEPKCU
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4fb38d238fe5ebbbe02a24ccbafc6b114b01457e17f4d15cc42223bbe242917b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sun, 07 Mar 2021 02:23:12 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
9b6d8613
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Sun, 07 Mar 2021 02:23:11 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame AC56 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sun, 07 Mar 2021 02:23:11 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
v2tqnObOlttWkV8aymP-YYGT-92GTcuqfhflaX-I-zESCkaZdXaX5WuzF2pB8mCwF9fasFYQ
absorbingband.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://absorbingband.com/v2tqnObOlttWkV8aymP-YYGT-92GTcuqfhflaX-I-zESCkaZdXaX5WuzF2pB8mCwF9fasFYQ
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sun, 07 Mar 2021 02:23:12 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
x-hostname
9b6d8613
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
multitracking
hb.spotim.market/adunit/ Frame 254A 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/wrapper_hb_270443_241.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.washingtontimes.com
Date
Sun, 07 Mar 2021 02:23:11 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
mut
ghb.adtelligent.com/adunit/ Frame 1C81 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.appixcdn.com
URL: https://p.appixcdn.com/prebidlink/18693/pbm_307825_6963.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.appixcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.appixcdn.com
Date
Sun, 07 Mar 2021 02:23:11 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
v1
analytics-1.cavai.com/edge/collector/ Frame 05E4 		0
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-1.cavai.com/edge/collector/v1?campaign_id=1208&creative_id=6407&session_id=7eb18552-6bb1-4178-b1b6-fdaea1a0e647
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cloud.cavai.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
62c05c451b2505c8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-request-id
08ac17ff32000005c8cb218000000001
710b60e37a3fcfd9b96bc70cda47924d.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/710b60e37a3fcfd9b96bc70cda47924d.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af37987749f2706ccb0267dcc97f99dea65dd30dc701478c8f17454fb6d7b8b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
161963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5040
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Fri, 05 Mar 2021 05:23:49 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 05:23:49 GMT
bd671adcfec80847ced5782a8f60970a.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/bd671adcfec80847ced5782a8f60970a.jpg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac919fa93b392b013630727ec10130aabfd0f670275a4c75d35236c4e62a2e75
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
60354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4576
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Sat, 06 Mar 2021 09:37:18 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 09:37:18 GMT
f72736e7588bf36fbcca691a1d6e7318.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/f72736e7588bf36fbcca691a1d6e7318.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7a2c90101bbabde1d255182108e981a3cfda229f978d792bb9225b3a08ccbd8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
409453
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1375
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Tue, 02 Mar 2021 08:38:59 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 08:38:59 GMT
a6edaa1f2f5ebff8afe514dae778b444.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/a6edaa1f2f5ebff8afe514dae778b444.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
824bf3d2fcb0a762bf66d2a2f707e10b80b02f055e7ea767fbe0a1c11facc823
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
318811
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4186
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Wed, 03 Mar 2021 09:49:41 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Mar 2022 09:49:41 GMT
f765a515b73a37547288f6d6c6454e16.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/f765a515b73a37547288f6d6c6454e16.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0cf450f40d6b936d64a4a2c320b258b2a842f7f3c65a6f11637d414a341e02e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
60354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2503
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Sat, 06 Mar 2021 09:37:18 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 09:37:18 GMT
33d078a0992f2a314a4b1f016d7b358b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/ Frame 0CD3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11115701456514206122/media/33d078a0992f2a314a4b1f016d7b358b.png
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9aa160934f2025991a8a8490fd4285b58a9fbb2e5009205492f94d528e8c313f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
409453
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2403
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 07:07:01 GMT
server
sffe
date
Tue, 02 Mar 2021 08:38:59 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 08:38:59 GMT
v1
analytics-1.cavai.com/edge/collector/ Frame FA62 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-1.cavai.com/edge/collector/v1?campaign_id=1208&creative_id=6407&session_id=4076b457-a46f-4e7a-81b0-402a10e1c23a
Requested by
Host: cloud.cavai.com
URL: https://cloud.cavai.com/js/converses/iframes/converse-iframe.1613655389574-1613654346119-cfe3a49eb8163dff393e010ac02c943e.js?bust=1615083788985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cloud.cavai.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
62c05c454b5205c8-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-request-id
08ac17ff4b000005c8ca15c000000001
v2_270443_241.json
player.spotim.market/prebidlink/2691806/ Frame 254A 		77 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/2691806/v2_270443_241.json?cb=www.washingtontimes.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/wrapper_hb_270443_241.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
92415e6d2a1342f75a9c9206116644be617a969e2469e011214b08eb39d3f8e4

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:15 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 16:42:42 GMT
server
nginx
etag
W/"60410e02-132e0"
content-type
application/json
access-control-allow-origin
https://www.washingtontimes.com
expires
Sun, 07 Mar 2021 03:23:15 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 254A 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=3678380531746248&vrg=2021030201&nw_id=39694909&nslots=1&eid=21064366%2C21068031%2C31060212&pub_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&start_time=1615083793119&end_time=1615083793120&n=0
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.dk/adsid/ Frame 254A 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.washingtontimes.com
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 254A 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.washingtontimes.com
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 254A 		225 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678380531746248&correlator=1586942273786282&output=ldjh&impl=fifs&eid=21064366%2C21068031%2C31060212&vrg=2021030201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210307&iu_parts=39694909%2CHB%2CWashingtontimes_HB&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C320x250&prev_scp=pitcSpotId%3Dsp_iyCBIB1C%26source_version%3Dv16.1.1-1%26topSpotId%3Dsp_iyCBIB1C%26source%3Dpitc%26pageViewId%3D0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86%26isStandaloneAdUnit%3Dtrue%26excl_cat%3DPREPOST&eri=5&cookie=ID%3Dd2d6223518cb0b0e-223ef25201a70043%3AT%3D1615083788%3ART%3D1615083788%3AS%3DALNI_MYWpivOrmtuKGQt4jMOQMPR5l9cTg&cdm=www.washingtontimes.com&bc=31&abxe=1&dt=1615083793135&dlt=1615083787983&idt=1503&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=187&adys=5205&adks=3730358079&ucis=4vfumgxdph7e&ifi=1&ifk=1984439497&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.washingtontimes.com&loc=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&top=www.washingtontimes.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x250&ga_vid=1917385374.1615083793&ga_sid=1615083793&ga_hid=1220344203&ga_fc=false&fws=260&ohw=336
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
52706b959975285a1e757e73f1af8542e9c1c042489589accc5d6ce786eba0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22540
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.washingtontimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c631c1ccfb98181a9ab71575e3c6525a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 254A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://c631c1ccfb98181a9ab71575e3c6525a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 254A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 254A 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:13 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:28 GMT
server
nginx
etag
W/"6034e04c-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 08 Mar 2021 02:23:13 GMT
/
onetag-sys.com/usync/ Frame 2119 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1615083793157
Requested by
Host: p.appixcdn.com
URL: https://p.appixcdn.com/prebidlink/18693/pbm_307825_6963.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1615083793157
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p.appixcdn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://p.appixcdn.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 254A 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:13 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:28 GMT
server
nginx
etag
W/"6034e04c-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 08 Mar 2021 02:23:13 GMT
usync.js
eus.rubiconproject.com/ Frame 57CE 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9417
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Sun, 07 Mar 2021 05:00:10 GMT
usync.js
eus.rubiconproject.com/ Frame 6230 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9417
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Sun, 07 Mar 2021 05:00:10 GMT
usync.js
eus.rubiconproject.com/ Frame 9B0D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9417
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Sun, 07 Mar 2021 05:00:10 GMT
khaos.jpg
token.rubiconproject.com/ Frame 57CE 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 6230 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 72F3 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5efeec1c6dfae8e93bbf7509927ca9cbdd3f8a50bce9aec925e7720f6ceef33

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:12:01 GMT
content-encoding
br
last-modified
Sun, 07 Mar 2021 01:33:30 GMT
server
AmazonS3
age
673
etag
W/"3e0dc6d6aa6f093e2cfe792f0be4599e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Sv1wwcWvDKrobJ9EpLWnLi9Igoonmy2v
via
1.1 2285d262a6b5edcf46f904cd07877cdd.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
ZAG50-C1
content-type
text/javascript
x-amz-cf-id
igTMzSCr17pFgVfcc3R4a2PrKDB6eRdZt6c8WJ_UKZlWHeG6Gxdj5A==
pixels
pix.spot.im/api/v1/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_iyCBIB1C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.64 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 254A 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c12a1743d492880c1d280b5ebbeeb14a18812f30e0007875949573b74b966497
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6478
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame 9B0D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 254A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame FE65 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 07 Mar 2021 01:19:32 GMT
expires
Mon, 07 Mar 2022 01:19:32 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3821
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
init
gw.geoedge.be/api/ Frame 72F3 		15 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.200.170.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 07 Mar 2021 02:23:14 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
content-length
15
content-type
application/json; charset=utf-8
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 72F3 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219599
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 72F3 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219599
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 72F3 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219599
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 72F3 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-animation-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
143822
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16397
x-xss-protection
0
server
sffe
date
Fri, 05 Mar 2021 10:26:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2ccf127281514232"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 10:26:11 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 72F3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219599
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 72F3 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219599
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
css
fonts.googleapis.com/ Frame 72F3 		2 KB
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 01:36:28 GMT
server
ESF
date
Sun, 07 Mar 2021 02:23:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 02:23:13 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72F3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
64816
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 07 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72F3 		295 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
10702
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 07 Mar 2021 23:24:51 GMT
truncated
/ Frame 72F3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
225ebe41cb3d26697acb9acf4d6f463f67d4ecffa7c85410d310a218c6564ad3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 72F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvnt7D4QMiyoNPvyp--HRyrAQPWPn7BXxNnsq77AcQOzdTVf14M4wGw7-GqhSmwKp-lz11iGSU3Q_0J0wue6c1sviJ0w
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 72F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C25V3ETlEYOKiC4eI7gOiiIeYBe3F3cdh5-r298MLloLNhYgWEAEghczmMWDRgbmC0AegAf2n-dICyAEJqQJz6XqkXn-FPuACAKgDAcgDCKoEhQJP0OLM-KC1eCBCNCtWXk_1-5mq4QuoEn3D4TmUN_woYVe2sTp-0YRtmFE1liNe2aiSc88V1C3s5c3zbvf9DFjToIix2oVOvzaQAAQsTfF-tEM7fSaRcei2S75rowwPsyndxJiHNAimDPHPmmf_yiD9aS9uBKdGwL-4TdT-UUX-P0aLGB0WVm-SrsbmHZrgtmxPWbK82MZgNjDs-hcnDn6Y1a2VtFXhIvsQ22A23UeJmpb1E7WqXPYC7dkzE3yhNT4Az1K3ZnsD36GjuUoP91gIaF79OcFTRlOAuYwsyyAts0SDeMIEPz3SrN2t4sqTaexlDPJpZ2GmnRB_bAZ6hvzmYr-z96_ABNHZ1pqBA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfr14atAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCJhQ7SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI3MjM0MTQwNjUwMjc4NDKACgPICwHYEw2yFxoKGAgAEhRwdWItNTYxNjA0NjE4NzU0NTAxOQ&sigh=RYTbdvYx0aE&template_id=419&tpd=AGWhJmv3_bVt7LHzes6c80mbQHJ5Tf8XsBHqE-7Pxo1hAm0PIw
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
T1-1-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		2 KB
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/T1-1-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
296bf008ae5350af84f4f10e79119671264857052ce8277ade0a0b6d30a13939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 05:37:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161141
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
646
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 05:37:32 GMT
T1-2-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		2 KB
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/T1-2-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb7df8cbd57ac7124c2152294b1ea3bae6a667021cbc10a8d112bbef5c5663e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 09:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
697
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 09:32:21 GMT
T1-3-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		1 KB
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/T1-3-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
751460ffe3f20b5583d2e32a21c72eb81e1ceae833fc9dabbdedfe047a2349ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 09:42:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232840
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
443
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 09:42:33 GMT
T1-4-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		2 KB
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/T1-4-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b962b98f17757f227d678539e32893e1488e6c5f015ad7ee46832b431b51b4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 06:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158964
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
872
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 06:13:49 GMT
T2-1-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/T2-1-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e67c4ff2271958fc604083d965d81c5a5825556679b8340f76009537852ea389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 06:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158964
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1318
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 06:13:49 GMT
T2-2-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/T2-2-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c9627c63055b9988a78631e29b523934b1933aea2d03310dfdfc3710c44828f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1291
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:07:19 GMT
B1-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		2 KB
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/B1-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78603dac45e6eb023fd1e817df6387a65aac2fc567d00e16ba7bc75a2ba02500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
828
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:07:19 GMT
B2-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/B2-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f3c92f516785fa0a5a380599d7694e810b268fc16725cdb668e53d53670c98d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
808
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:07:19 GMT
Logo01-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/Logo01-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dcb463daf7b766496ee5106d7cae352355755504ac87d8e850569d698501f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 09:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2820
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 09:32:21 GMT
Logo02-01.svg
tpc.googlesyndication.com/sadbundle/13240346116458300447/ Frame 72F3 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/13240346116458300447/Logo02-01.svg
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
672b057f0d8f0570a57b11f69da5650c7e0d05fd937cafe2f9777bc717622b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 06:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158964
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2616
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 11:44:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 06:13:49 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 72F3 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.washingtontimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
221202
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:31 GMT
collect
www.clarity.ms/eus2/ 		7 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.9/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:14 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
x-azure-ref
0EjlEYAAAAAC2dWE2MCf1SIgSV+ngKjS6RlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
pagead2.googlesyndication.com/bg/ Frame FE65 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
112519
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5600
x-xss-protection
0
expires
Sat, 05 Mar 2022 19:07:55 GMT
multitracking
hb.spotim.market/adunit/ Frame 254A 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/wrapper_hb_270443_241.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.washingtontimes.com
Date
Sun, 07 Mar 2021 02:23:13 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
mut
ghb.adtelligent.com/adunit/ Frame 1C81 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.appixcdn.com
URL: https://p.appixcdn.com/prebidlink/18693/pbm_307825_6963.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.appixcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.appixcdn.com
Date
Sun, 07 Mar 2021 02:23:13 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
gen_204
pagead2.googlesyndication.com/pagead/ Frame 254A 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030201&jk=3678380531746248&bg=!6eql6qnNAAWsVXnBrDsAKQB2-Dxa4r32pU76o4P-0Y4vUbl7iLVLiwOmD9cdv7kM5Xva0pwugIyKAgAAAaJSAAAAI2gBB5kCN4rYXXeJcrl7M5unvd-p5rT1PgL_v3jNXgNPh7tOdTUmr0nQkhL1vMDH5DuRZ7O7QdqASp2k7tGEx-K9V0N3Gq2kr1ycgXtdLwBFbyu7CVTa5pauqKyiSkB-tybI8UtuvQhi2zNFNfrWiSiyBp4kFhiygWFw7R4yZb0YfWoq_SuXsaEEnrsjqmNEUwRr7_k3aoPNUoMrIQryasdqvGo15oc587Ahzty1bthcrfIfwQ8YGXHmDYqR5U-KhkD1xisZKNUUDTRgo9Q43r5oACwNN8QUZ46HBCUXLueuIxAlIiaFF6jdtOpiZDzrJe7E-UB5E_BkvG_wuTzNRUbZ_1o7QcBthXAvnMYbM7s7XPo7dgFVfYKy5fFihc7yl0dx7z6Uc4FzZwBCsjj2S5uchNfzc1zrNyzxDNiuyPMn6Qws5GBk2r89O1miZpN6NdnUPGFjpYD4MfjbL383vwjoSOVrTNWoa9siz0wJK8yQOP9WIe_18IcJZeIcgzBsrM75jHx-k_Yaw7tt2vIakDDRQMwMlz5tGD3qum3G5jeYuRnv45oMwjGMABxVqK1YXt2eDl1aD10XQH_GQ5xzSMhK0IDv0N2E1oQMusQfGV0XXJZQ6RHCe3sltggoXcjttojjpNd6cB3th8JxT7DkrldL7oUnkOOkJYLy-M0Y62ef_1XpjQzLv5QENmy0foUl96LeZy0nqfeWq30jArDTaNHs29kaRLkOfFMPICc6lJui-i1ynJcSprxO9PXWeA
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame A001 		35 B
476 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5384953386480437165@@44434947,7110180039573655338,5|0|0|0|0|0|0|0|0||0|0|31|350ffda33e9af1251321becc94ca41ca5044cb70_1|||1|0|0|AsSQRm-a3TpcPlakbYq96YI5ZwvmkVCrBxP-IrjQ4DyztpIQKFz-iMyz8d6D7jvo0|||11|0@@44434947,1436413678546290175,0|0|0|0|0|0|0|0|0||0|0|31|396b6eae55bffac8bba2f22f7289f58b01551ac3_1|||1|0|0|AsSQRm-a3TpcPlakbYq96YBMoYPlQxo6jVuUikOpkbfh6IZyrfIlsMyz8d6D7jvo0|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=www.washingtontimes.com&sn=&cd1=sp_iyCBIB1C&cd2=Desktop&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&ic=0&tgt=0&app=&wi=400&he=300&test=&apppkg=&fv=3&proto=https
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 07 Mar 2021 02:23:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7DAE 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D1%26key%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1615083794
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D1%26key%3D

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=55826
Expires
Sun, 07 Mar 2021 17:53:41 GMT
Date
Sun, 07 Mar 2021 02:23:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5AB8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
43 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sun, 07 Mar 2021 02:23:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YEQ5DOXDLEHXvkPbcd-ClQAAAMsAAAAB
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 5AB8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=98906044-3913-4a00-af8c-682da52c8689&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=98906044-3913-4a00-af8c-682da52c8689&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 07 Mar 2021 02:23:15 GMT

Redirect headers

Date
Sun, 07 Mar 2021 02:23:15 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=98906044-3913-4a00-af8c-682da52c8689&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 07 Mar 2021 02:23:14 GMT
rum
dsum-sec.casalemedia.com/ Frame 5AB8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3830289724515486934
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3830289724515486934
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 07 Mar 2021 02:23:15 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3830289724515486934
pragma
no-cache
date
Sun, 07 Mar 2021 02:23:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 5AB8 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.70.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:15 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 5AB8 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.44.186.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:16 GMT
x-envoy-upstream-service-time
3
server
envoy
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 5AB8
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29b742c1-c215-4d7b-b335-09719e4b3114
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29b742c1-c215-4d7b-b335-09719e4b3114&C=1
43 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29b742c1-c215-4d7b-b335-09719e4b3114&C=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 07 Mar 2021 02:23:17 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=29b742c1-c215-4d7b-b335-09719e4b3114&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
301
Expires
Sun, 07 Mar 2021 02:23:17 GMT
crum
dsum-sec.casalemedia.com/ Frame 5AB8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=mjHfR8Gn1LiJ4E5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=mjHfR8Gn1LiJ4E5&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 07 Mar 2021 02:23:17 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:16 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0047f8acf6307f30d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=mjHfR8Gn1LiJ4E5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5AB8
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dd68768a-93fb-48c4-ad5c-86be3d2d9a21&expiration=1646619797
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dd68768a-93fb-48c4-ad5c-86be3d2d9a21&expiration=1646619797
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 07 Mar 2021 02:23:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dd68768a-93fb-48c4-ad5c-86be3d2d9a21&expiration=1646619797
date
Sun, 07 Mar 2021 02:23:17 GMT
server
Kestrel
content-length
0
cookiesyncendpoint
sync.aniview.com/ Frame 5AB8 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1615083791111-946152166051-020961-014-006912&biddername=42&key=YEQ5DOXDLEHXvkPbcd.ClQAA%26203
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615083791111-946152166051-020961-014-006912%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:15 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 7DAE 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=28632008&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:15 GMT
Content-Length
0
692.json
id5-sync.com/g/v2/ Frame 254A 		606 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/hb_270443_241.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.42.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p26.id5-sync.com
Software
/
Resource Hash
9352f11f5631f69e74b0c39907c373a0a653c00be97c59a7c1ba967b0a20f0b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.washingtontimes.com
Date
Sun, 07 Mar 2021 02:23:42 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 254A 		0
0
rid
match.adsrvr.org/track/ Frame 254A 		109 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/448634/hb_270443_241.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb6d47a5519c8359fe17d2e82e6ed2bf1f48f4806aa2bb67cdf0bf10fc3d185b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 07 Mar 2021 02:23:16 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.washingtontimes.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 06 Apr 2021 02:23:16 GMT
collect
www.clarity.ms/eus2/ 		7 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.9/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:17 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
x-azure-ref
0FTlEYAAAAABTeLp7z7w8RIt6Ps292J0RRlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083798216&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000403
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000005
X-SpotX-Timing-Page
0.008200
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:18 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000020
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004806
X-SpotX-Timing-Transform
0.000331
X-SpotX-Timing-SpotMarket
0.004806
X-fe
014
X-SpotX-Timing-Page-Misc
0.001485
Content-Length
76
X-SpotX-Timing-Page-Context
0.000396
Last-Modified
Sun, 07 Mar 2021 02:23:18 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000744
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083798217&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000353
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.008134
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:18 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000019
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005032
X-SpotX-Timing-Transform
0.000288
X-SpotX-Timing-SpotMarket
0.005032
X-fe
019
X-SpotX-Timing-Page-Misc
0.001895
Content-Length
76
X-SpotX-Timing-Page-Context
0.000301
Last-Modified
Sun, 07 Mar 2021 02:23:18 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000232
s2s
s2s.aniview.com/api/adserver/ 		1 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083798218&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:18 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:38 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083798218&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5ff5a0750e21a04d8815e0f8%2C5ff59fe1afab27042d4fc189%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5ff5a04a87d7dd1f47384ed7%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:18 GMT
X-SpotX-Timing-Transform
0.000399
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000346
X-fe
067
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000006
X-SpotX-Timing-Page
0.009379
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000318
Last-Modified
Sun, 07 Mar 2021 02:23:18 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.001012
X-SpotX-Timing-SpotMarket-Primary
0.005602
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.001653
X-SpotX-Timing-Page-Exception
0.000028
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.005602
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
g
capi.connatix.com/rtb/ Frame C2D3 		215 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=106673
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.204.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-204-105.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ffada400199a9d8f0e63330429f6964f7d6c62ad954d28c2bda59db302407678

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 07 Mar 2021 02:23:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
199
st
capi.connatix.com/tr/ Frame C2D3 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=106673
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.204.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-204-105.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 07 Mar 2021 02:23:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.washingtontimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
collect
www.clarity.ms/eus2/ 		7 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.9/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:20 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
x-azure-ref
0GDlEYAAAAABxR10RHmDURrAqeNXqa9o7RlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
content-length
11
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 07 Mar 2021 02:23:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
collect
www.clarity.ms/eus2/ 		7 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.9/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:23 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
x-azure-ref
0GzlEYAAAAABnD2Clvf39R7ItxwU0VziTRlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
pixels
pix.spot.im/api/v1/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_iyCBIB1C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.64 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083805322
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083805323
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083805323
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083805323&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000350
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.009169
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:25 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004759
X-SpotX-Timing-Transform
0.000257
X-SpotX-Timing-SpotMarket
0.004759
X-fe
034
X-SpotX-Timing-Page-Misc
0.002537
Content-Length
76
X-SpotX-Timing-Page-Context
0.000321
Last-Modified
Sun, 07 Mar 2021 02:23:25 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000895
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083805324
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083805324&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000306
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.010105
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:25 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.007242
X-SpotX-Timing-Transform
0.000307
X-SpotX-Timing-SpotMarket
0.007242
X-fe
129
X-SpotX-Timing-Page-Misc
0.001733
Content-Length
76
X-SpotX-Timing-Page-Context
0.000276
Last-Modified
Sun, 07 Mar 2021 02:23:25 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000210
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083805324&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:25 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:45 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083805325&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Requested by
Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:25 GMT
X-SpotX-Timing-Transform
0.000280
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000302
X-fe
140
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
X-SpotX-Timing-Page
0.008354
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000256
Last-Modified
Sun, 07 Mar 2021 02:23:25 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000979
X-SpotX-Timing-SpotMarket-Primary
0.004278
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.002210
X-SpotX-Timing-Page-Exception
0.000016
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004278
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs.js
sb.scorecardresearch.com/c2/17692074/ 		0
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/c2/17692074/cs.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2011 23:11:26 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
20
Expires
Wed, 10 Mar 2021 02:23:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c5dcd1ccd06b96706bfb627ce1f5036b8f82a2fe760c9b7b988b1e8513ff5f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 02:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6634
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 20EE 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.washingtontimes.com
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.washingtontimes.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1462
date
Sun, 07 Mar 2021 02:23:24 GMT
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 07 Mar 2021 02:23:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame A385 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.washingtontimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.washingtontimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 07 Mar 2021 01:19:32 GMT
expires
Mon, 07 Mar 2022 01:19:32 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3833
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
pagead2.googlesyndication.com/bg/ Frame A385 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
112530
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5600
x-xss-protection
0
expires
Sat, 05 Mar 2022 19:07:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030201&jk=1511812957391225&bg=!tLelt_TNAAWsVXnBrDsAKQB2-Dxa9TunL-IhIS5LR6eOgTsOeYK1x7XfJsN_MI_RPGfSGnAkp_QGAgAAAKNSAAAAE2gBBwoBRcG0qwssuv4NlFgfcaGMioSMjlHxoxdatyxyfVB_zWvXPH4JsnmJgQiMfPnNKODP0e_mxZUtsMdt6aKDw5tetqqHyPJfOuB0meynAjJM4ky7g9lSKewqjPwLGQ5f7IgYqgoW0JkMZl1Z_Zztl5LnC6WhJiCqQQryaBR_f3YkniALNTlRtGzZFrTWgn8UtGOX4MrRXLCep4UiEJFCGvw6iOy3YdIZo_avIpGNJL5NFcMtfGmIXYf77N-5Lq9N1HgDvAgDQeYmNervf5gm1DUxPMrh6LAFdGFGCsKKLb6_Q_YerHDt5C7laAsPsFiDPHjxROpbkSvBsQr-45uSq2l9w3rdqQVE6ZzdhJvliuHd6qniazF2_voM0j6KEmnakTg37XqGjEywVqGhIYlCirIGDGcaCd1YXR2Uda14ocFwppKZoErdmJyZAipKGDNXRbJwoaQT8mfYHA0T957d1OQjV4XbHLnQhbRBYLVryUlCsJ4sSMuGLJ6P-N9SyJFmtlVEGzPnIo0nR8OIHkUTUCP2j3ItBc2vnj8yoGmK9EZnVYoNWKAkfHMVipDo3G6wDA3Jxp9LpKuAzrLsQz2mHdQsXWYsQuaVUMArBPtv5m81xkqhOo_Toga6DhCMpJnM5mIMEqQgywvH4yWTdPmycFVhoLym5GSR4L6Mm8tQBxllCCwdiqoRniLQhoLgOBs6w4Cn55Cd3YkwZy4EMAvEv9fc_c9vsihWFKEe4LB2B5vE9ft65oxeVG93CZuWZMZPUr2Rgy0ZGMM_K3IpbPb1CXjVZQYFzPwNlNCJKlGPxd1CjbYmqUm6iymKluxhW9GNqTyixF89N0IiLJ9w8dDBIKiEvGf1rkkv8ydBUwdrooK3v9tE6DXBVpKPL_aOlRJQnrpHE23jvrmvs33Nk96_fA2Yh9bQx4C4Xcn_yMdO04eOZz194IExeuN7gHfdmKQMNb4ojCyJKTYQpjY3L0-_9_MoaRrMuyH6uPLgcCfpCuC91InzRzKuwO6H3pPm03Gt-DfLO4W5jeScvdao6_PuLNAknzNGLhreHowXM3ffdl15tx844b_dsu0b-ESYbyk6m1RMyvEU-fGKLO1FYi31mbcdvd22wfujtqoX8vlNkZk6qq7sxxsOCBps0eySxYk0bd7tP71FTOLoPVwO_JxOVTVBcK8LLg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B35D 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-9595286865800821&su=www.washingtontimes.com&doc=complete&pg_h=7440&pg_w=1600&pg_hs=7440&c=11&aa_c=0&av_h=333.990&av_w=778.399&av_a=163913.211&s=32.016&all_s=32.016&b=464.953&all_b=464.953&d=0.494&all_d=0.494&ard=0.151&all_ard=0.151&dt=d
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 02:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083806895
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083806896
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083806896
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083806896&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000332
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.010886
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:26 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000020
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004877
X-SpotX-Timing-Transform
0.000473
X-SpotX-Timing-SpotMarket
0.004877
X-fe
022
X-SpotX-Timing-Page-Misc
0.003832
Content-Length
76
X-SpotX-Timing-Page-Context
0.000270
Last-Modified
Sun, 07 Mar 2021 02:23:26 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.001063
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083806897
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083806897&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000419
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.009511
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:26 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000024
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005116
X-SpotX-Timing-Transform
0.000286
X-SpotX-Timing-SpotMarket
0.005116
X-fe
015
X-SpotX-Timing-Page-Misc
0.002878
Content-Length
76
X-SpotX-Timing-Page-Context
0.000453
Last-Modified
Sun, 07 Mar 2021 02:23:26 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000302
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083806897&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:47 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083806898&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:26 GMT
X-SpotX-Timing-Transform
0.000388
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000326
X-fe
022
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.011553
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000282
Last-Modified
Sun, 07 Mar 2021 02:23:26 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000912
X-SpotX-Timing-SpotMarket-Primary
0.007860
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.001745
X-SpotX-Timing-Page-Exception
0.000019
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.007860
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.clarity.ms/eus2/ 		7 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.9/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:26 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
x-azure-ref
0HjlEYAAAAAAOONeqG9sSSZ3Rr4uexWShRlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807234
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807235
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807235
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083807235&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000316
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.010828
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:27 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004473
X-SpotX-Timing-Transform
0.000229
X-SpotX-Timing-SpotMarket
0.004473
X-fe
094
X-SpotX-Timing-Page-Misc
0.004578
Content-Length
76
X-SpotX-Timing-Page-Context
0.000338
Last-Modified
Sun, 07 Mar 2021 02:23:27 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000865
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807236
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083807236&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000372
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008425
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:27 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004772
X-SpotX-Timing-Transform
0.000304
X-SpotX-Timing-SpotMarket
0.004772
X-fe
033
X-SpotX-Timing-Page-Misc
0.002384
Content-Length
76
X-SpotX-Timing-Page-Context
0.000320
Last-Modified
Sun, 07 Mar 2021 02:23:27 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000242
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083807237&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:47 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083807237&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:27 GMT
X-SpotX-Timing-Transform
0.000280
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000273
X-fe
074
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.009828
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000308
Last-Modified
Sun, 07 Mar 2021 02:23:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000956
X-SpotX-Timing-SpotMarket-Primary
0.006097
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.001875
X-SpotX-Timing-Page-Exception
0.000019
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.006097
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807533
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807533
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807534
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083807534&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000337
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.007576
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:27 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004346
X-SpotX-Timing-Transform
0.000233
X-SpotX-Timing-SpotMarket
0.004346
X-fe
115
X-SpotX-Timing-Page-Misc
0.001364
Content-Length
76
X-SpotX-Timing-Page-Context
0.000411
Last-Modified
Sun, 07 Mar 2021 02:23:27 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000855
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807534
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083807535&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000343
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000031
X-SpotX-Timing-Page
0.009711
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:27 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000019
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005332
X-SpotX-Timing-Transform
0.000306
X-SpotX-Timing-SpotMarket
0.005332
X-fe
035
X-SpotX-Timing-Page-Misc
0.003132
Content-Length
76
X-SpotX-Timing-Page-Context
0.000301
Last-Modified
Sun, 07 Mar 2021 02:23:27 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000235
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083807535&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:47 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083807536&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:27 GMT
X-SpotX-Timing-Transform
0.000293
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000384
X-fe
022
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000022
X-SpotX-Timing-Page
0.009002
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000386
Last-Modified
Sun, 07 Mar 2021 02:23:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000882
X-SpotX-Timing-SpotMarket-Primary
0.004872
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.002132
X-SpotX-Timing-Page-Exception
0.000017
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004872
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807893
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807894
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807894
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083807895&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000287
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008725
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:27 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000008
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004809
X-SpotX-Timing-Transform
0.000222
X-SpotX-Timing-SpotMarket
0.004809
X-fe
128
X-SpotX-Timing-Page-Misc
0.001325
Content-Length
76
X-SpotX-Timing-Page-Context
0.000252
Last-Modified
Sun, 07 Mar 2021 02:23:27 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.001802
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083807895
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:38 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083807896&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000397
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007573
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:27 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004700
X-SpotX-Timing-Transform
0.000242
X-SpotX-Timing-SpotMarket
0.004700
X-fe
033
X-SpotX-Timing-Page-Misc
0.001630
Content-Length
76
X-SpotX-Timing-Page-Context
0.000323
Last-Modified
Sun, 07 Mar 2021 02:23:27 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000250
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083807896&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:28 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:48 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083807897&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:27 GMT
X-SpotX-Timing-Transform
0.000219
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000357
X-fe
092
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.007831
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000299
Last-Modified
Sun, 07 Mar 2021 02:23:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000937
X-SpotX-Timing-SpotMarket-Primary
0.004641
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.001345
X-SpotX-Timing-Page-Exception
0.000016
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004641
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808106
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808107
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808107
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083808107&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000274
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.011233
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:28 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.007587
X-SpotX-Timing-Transform
0.000470
X-SpotX-Timing-SpotMarket
0.007587
X-fe
077
X-SpotX-Timing-Page-Misc
0.001489
Content-Length
76
X-SpotX-Timing-Page-Context
0.000360
Last-Modified
Sun, 07 Mar 2021 02:23:28 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.001022
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808108
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083808108&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000315
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.008215
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:28 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005020
X-SpotX-Timing-Transform
0.000291
X-SpotX-Timing-SpotMarket
0.005020
X-fe
038
X-SpotX-Timing-Page-Misc
0.002057
Content-Length
76
X-SpotX-Timing-Page-Context
0.000276
Last-Modified
Sun, 07 Mar 2021 02:23:28 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000223
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083808109&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:28 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:48 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083808109&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:28 GMT
X-SpotX-Timing-Transform
0.000273
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000423
X-fe
034
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008224
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000355
Last-Modified
Sun, 07 Mar 2021 02:23:28 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.001041
X-SpotX-Timing-SpotMarket-Primary
0.004848
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.001250
X-SpotX-Timing-Page-Exception
0.000018
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004848
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808609
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808610
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808610
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083808611&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000361
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.007876
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:28 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000019
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004704
X-SpotX-Timing-Transform
0.000238
X-SpotX-Timing-SpotMarket
0.004704
X-fe
136
X-SpotX-Timing-Page-Misc
0.001321
Content-Length
76
X-SpotX-Timing-Page-Context
0.000309
Last-Modified
Sun, 07 Mar 2021 02:23:28 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000910
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808611
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083808612&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000375
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.010340
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:28 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005654
X-SpotX-Timing-Transform
0.000287
X-SpotX-Timing-SpotMarket
0.005654
X-fe
033
X-SpotX-Timing-Page-Misc
0.003284
Content-Length
76
X-SpotX-Timing-Page-Context
0.000454
Last-Modified
Sun, 07 Mar 2021 02:23:28 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000252
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083808612&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:28 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:48 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083808613&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:28 GMT
X-SpotX-Timing-Transform
0.000251
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000342
X-fe
082
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007553
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000410
Last-Modified
Sun, 07 Mar 2021 02:23:28 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000805
X-SpotX-Timing-SpotMarket-Primary
0.004372
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.001343
X-SpotX-Timing-Page-Exception
0.000016
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004372
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808857
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808857
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808858
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083808858&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000280
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000005
X-SpotX-Timing-Page
0.009333
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:28 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000020
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005992
X-SpotX-Timing-Transform
0.000294
X-SpotX-Timing-SpotMarket
0.005992
X-fe
030
X-SpotX-Timing-Page-Misc
0.001522
Content-Length
76
X-SpotX-Timing-Page-Context
0.000329
Last-Modified
Sun, 07 Mar 2021 02:23:28 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000882
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083808858
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083808859&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000411
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000026
X-SpotX-Timing-Page
0.008603
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:28 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000016
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004647
X-SpotX-Timing-Transform
0.000258
X-SpotX-Timing-SpotMarket
0.004647
X-fe
047
X-SpotX-Timing-Page-Misc
0.002544
Content-Length
76
X-SpotX-Timing-Page-Context
0.000430
Last-Modified
Sun, 07 Mar 2021 02:23:28 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000259
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083808859&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:49 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083808860&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:28 GMT
X-SpotX-Timing-Transform
0.000322
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000312
X-fe
001
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.008445
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000371
Last-Modified
Sun, 07 Mar 2021 02:23:28 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000858
X-SpotX-Timing-SpotMarket-Primary
0.004948
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.001600
X-SpotX-Timing-Page-Exception
0.000017
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004948
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083809165
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083809166
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083809167
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083809167&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000369
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
X-SpotX-Timing-Page
0.009873
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:29 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005294
X-SpotX-Timing-Transform
0.000307
X-SpotX-Timing-SpotMarket
0.005294
X-fe
060
X-SpotX-Timing-Page-Misc
0.002506
Content-Length
76
X-SpotX-Timing-Page-Context
0.000325
Last-Modified
Sun, 07 Mar 2021 02:23:29 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.001015
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083809167
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083809168&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000354
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000005
X-SpotX-Timing-Page
0.008295
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:29 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004986
X-SpotX-Timing-Transform
0.000257
X-SpotX-Timing-SpotMarket
0.004986
X-fe
056
X-SpotX-Timing-Page-Misc
0.002106
Content-Length
76
X-SpotX-Timing-Page-Context
0.000325
Last-Modified
Sun, 07 Mar 2021 02:23:29 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000234
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083809168&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:49 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083809169&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:29 GMT
X-SpotX-Timing-Transform
0.000307
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000371
X-fe
002
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.013126
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000338
Last-Modified
Sun, 07 Mar 2021 02:23:29 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000969
X-SpotX-Timing-SpotMarket-Primary
0.005247
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.005771
X-SpotX-Timing-Page-Exception
0.000018
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000080
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.005247
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083809373
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083809373
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083809373
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:40 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=55.73270&device[geo][lon]=12.36560&cb=5083809374&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000365
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.008514
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:29 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000019
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005062
X-SpotX-Timing-Transform
0.000307
X-SpotX-Timing-SpotMarket
0.005062
X-fe
040
X-SpotX-Timing-Page-Misc
0.001529
Content-Length
76
X-SpotX-Timing-Page-Context
0.000306
Last-Modified
Sun, 07 Mar 2021 02:23:29 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000911
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083809374
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 02:23:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.washingtontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cb=5083809374&player_width=400&player_height=300&regs[gdpr]=1&user[consent]=&ip_addr=82.102.20.235&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000346
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.015344
Pragma
no-cache
Date
Sun, 07 Mar 2021 02:23:29 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-SpotX-Timing-Page-Exception
0.000020
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005163
X-SpotX-Timing-Transform
0.000269
X-SpotX-Timing-SpotMarket
0.005163
X-fe
007
X-SpotX-Timing-Page-Misc
0.009009
Content-Length
76
X-SpotX-Timing-Page-Context
0.000289
Last-Modified
Sun, 07 Mar 2021 02:23:29 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000233
s2s
s2s.aniview.com/api/adserver/ 		1 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083809375&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.149.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Feb 2021 12:36:49 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1615083809375&asid=5fbfaa0d61b23017c4161329%2C5f0c274d6641564e205ac355%2C5f0c277120c3067939487264%2C5f0c2689a6df1c579d429685%2C5ede146878b8e651e62d47ea%2C5efd94c197164358fe79390e%2C5f182ed4d8d27b069b49fca8&ofpr=12.5%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:23:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 07 Mar 2021 02:23:29 GMT
X-SpotX-Timing-Transform
0.000308
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://www.washingtontimes.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000294
X-fe
039
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
X-SpotX-Timing-Page
0.012043
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000253
Last-Modified
Sun, 07 Mar 2021 02:23:29 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000888
X-SpotX-Timing-SpotMarket-Primary
0.005167
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'www.washingtontimes.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.005073
X-SpotX-Timing-Page-Exception
0.000017
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.005167
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.clarity.ms/eus2/ 		7 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.9/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 02:23:30 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.washingtontimes.com
access-control-allow-credentials
true
x-azure-ref
0ITlEYAAAAAB5sM0kf+5BR5lKgWTY99xLRlJBRURHRTEwMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.washingtontimes.com&rs=www.washingtontimes.com&sid=15375&t=1615083791&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1615083791111-946152166051-020961-014-006912&cha=0.7&cb=76565687775&cd3=pitc&cd4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&cd1=sp_iyCBIB1C&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 07 Mar 2021 02:23:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixels
pix.spot.im/api/v1/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_iyCBIB1C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.64 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.washingtontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
st
capi.connatix.com/tr/ Frame C2D3 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=106673
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.204.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-204-105.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 07 Mar 2021 02:23:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.washingtontimes.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
quantcount.com
URL
https://quantcount.com/log/error?msg=%5BUSPAPI%5D%20unsuccessful:%20%5Bobject%20Object%5D
Domain
inv-nets.admixer.net
URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dliveintent%26bsw_param%3D0bb0d2bf-9b98-437f-ab1c-0e86342894db%26gdpr%3D%26consent%3D%26gdpr_pd%3D
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=850964&size_id=15&alt_size_ids=16%2C159&rp_schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&eid_pubcid.org=a01715e4-b7e4-41e1-bd0c-2e8003aa5aad%5E1&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=36a587fe-e378-4cb8-848a-1b5ad57afb64&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7702704930954296
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=19226&pi=3&bf=300x250&schain=1.0%2C1!adtelligent.com%2C270443%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0-11%22%7D&ogu=null&ns=10240
Domain
ap.lijit.com
URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.15.0-11
Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&SafeFrame=true&CanonicalUrl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&PublisherDomain=https%3A%2F%2Fwww.washingtontimes.com
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
prebid-us.creativecdn.com
URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
ice.360yield.com
URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221569bbdc93515cb%22%2C%22version%22%3A%226.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fp.appixcdn.com%2Fprebidlink%2F18693%2Fj.html%3Fi%3D6963%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2214168fe5e6bb119%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22328485%2C%22tid%22%3A%2213369c87257153b%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Domain
prebid-eu.creativecdn.com
URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083791202
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083791205
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083791205
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083791206
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083791207
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083791207
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083791208
Domain
s2s.aniview.com
URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=78c3474830c3fb3612da430eb834aebe_17231624&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1615083791111-946152166051-020961-014-006912&AV_CDIM1=sp_iyCBIB1C&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_iyCBIB1C%2C1%2C%2C%2C&AV_CDIM4=0cb56f84-9c8a-47c7-b7a9-ccd31bdccd86&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.washingtontimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=789785&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&cb=5083791209&tgt=0&
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1432
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083798214
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083798214
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083798215
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083798215
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083798215
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083798216
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_iyCBIB1C,1,,,&kadpageurl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2021%2Fmar%2F4%2Fbiden-administration-sides-with-cheerleader-in-fir%2F&cbb=5083798217

Verdicts & Comments Add Verdict or Comment

336 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| $ function| jQuery function| pbjsChunk object| pbjs object| _pbjsGlobals object| __core-js_shared__ function| JSEncrypt object| googletag object| GPT object| apstag function| twig_encode_URI function| twig_decode_URI function| twig_qs function| twig_string_to_boolean function| twig_cookie function| AdsAppView object| ADSFORPAGE function| parcelRequire number| PAGEADCOUNT function| _trackEvent function| cnxps function| cnx object| adbladeExports function| setNptTechAdblockerCookie object| script function| navIsSticky function| updateMenuAccountOptions function| pianoReadCustomVariableCookie function| pianoSetCustomVariableCookie function| showPianoLogin function| pianoLogout object| cookieValues object| tp function| emailAlertNewsletter function| alternCallback object| alternTargets object| alternAds number| randomAd object| adHtml object| adHtmlAnchor object| adIMGAnchor object| adHtmlImage object| alternImpressionTracker object| ggeac object| google_js_reporting_queue object| shrJsonp function| Shareaholic object| google_tag_manager object| uetq function| twq function| pintrk function| fbq function| _fbq function| clarity object| google_tag_data string| GoogleAnalyticsObject function| ga object| _informq object| cnx_usr_storage object| FB function| BlockAdBlock object| blockAdBlock function| newsNewsletter object| __OW_CONFIG__ object| webpackChunk_spotim_launcher string| OW_AD_UNIT_TYPE object| __OPEN_WEB__ string| __SPOTIM_PAGE_VIEW_ID__ object| regeneratorRuntime object| __SPOTIM__ object| webpackJsonp_ow_display_module boolean| __OW_STANDALONE_SCRIPT_RUN__ object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| UET object| twttr string| nm_div object| nm_script object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| aax boolean| apstagLOADED object| MODALOPTIONS number| screen_xs number| screen_sm number| screen_md number| screen_lg string| path_imgs function| Cookies object| isFBReferral undefined| flaggedElems undefined| numItems object| _qevents string| _linkedin_partner_id object| _linkedin_data_partner_ids function| loadOutbrain object| $bigTextPag object| $articleTopLinks object| $articleCategory number| ShowCount function| layoutArticle function| getInsertionParagraph function| insertAd boolean| connectLoaded object| NM object| BPrime object| _AdRenderOpts function| _appendInStreamAdContainer function| _getInStreamAdContainer object| _comscore object| fby function| admiral function| __uspapi object| process object| x object| OneSignal boolean| publisherConfigLoaded object| LI object| __li__evt_bus number| maxWeight function| __shrTracker undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| lintrk boolean| _already_called_lintrk object| ua_result object| revcontent function| renderRCWidget function| revCriteoRTUSCallback object| liQ function| udm_ object| ns_p object| COMSCORE function| _typeof2 function| __liSync object| FBY undefined| a object| cnxPlugins number| pnInitPerformance function| ___tp object| DIGIOH_API object| DIGIOH_VARS object| DIGIOH_CUSTOM_JS_GLOBAL object| DIGIOH_CUSTOM_JS_SUPER object| DIGIOH_CUSTOM_JS string| DIGIOH_VENDOR_GUID string| DIGIOH_VENDOR_SHORT_ID string| DIGIOH_KEEN_WRITE_KEY string| DIGIOH_CDN_DOMAIN string| DIGIOH_CLIENT_IP string| DIGIOH_CACHE_VERSION string| DIGIOH_STORAGE_TYPE string| DIGIOH_EMBED_TYPE object| DIGIOH_LIGHTBOX_CONDITIONS object| DIGIOH_LIGHTBOX_RULESETS object| DIGIOH_LIGHTBOX_EFFECTS object| DIGIOH_LIGHTBOX_NAMES object| DIGIOH_LIGHTBOX_IDS object| DIGIOH_VARIATION_TO_BOX_MAP object| DIGIOH_PIXEL_THRESHOLDS object| DIGIOH_PUBLISHED_VARIATIONS_ARR object| DIGIOH_DATA_STORAGE_TYPE_BY_BOX_OBJ object| DIGIOH_PRIMARY_VARIATIONS_ARR object| DIGIOH_EFFECTS_IMAGE_CACHE_ARR object| DIGIOH_SETTINGS_IMAGE_CACHE_ARR object| DIGIOH_LIGHTBOX_MASTER_RULES object| DIGIOH_LIGHTBOX_TEASER_PRELOAD_ARR object| DIGIOH_LIGHTBOX_TEASER_FOLLOW_ME_ARR object| DIGIOH_LIGHTBOX_INLINE_ALWAYS_ARR object| DIGIOH_LIGHTBOX_INLINE_CONDITIONS_ARR object| DIGIOH_LIGHTBOX_INLINE_DEPENDENT_ARR object| DIGIOH_LIGHTBOX_PRELOAD_ARR object| DIGIOH_LIGHTBOX_MOBILE_DEVICE_ARR object| DIGIOH_LIGHTBOX_DESKTOP_DEVICE_ARR object| DIGIOH_LIGHTBOX_UNCATEGORIZED_DEVICE_ARR object| DIGIOH_DYNAMIC_BOXES object| DIGIOH_SPLIT_TESTS_ARR boolean| DIGIOH_USE_BUGSNAG boolean| DIGIOH_USE_CONSOLE boolean| DIGIOH_USE_RESPONSIVE boolean| DIGIOH_USE_REAL_TIME_SUBMISSIONS boolean| DIGIOH_USE_HTTPS_ONLY boolean| DIGIOH_IS_QA boolean| DIGIOH_IS_PREVIEW boolean| DIGIOH_IS_DEV boolean| DIGIOH_KEEN_PV string| DIGIOH_BLIP_LZ object| COUPON_GROUP_POPULATE_OBJ number| ClientJsDomMaxWaitSeconds object| CDP_VARS boolean| USE_LZ object| DIGIOH_WIN_PARENT object| DIGIOH_DOC_PARENT object| DIGIOH_WIN_CHILD object| DIGIOH_LIGHTBOX_ANALYTICS object| DIGIOH_BUGSNAG object| LZString function| JQUERY_DIGIOH boolean| hasRunJquerySelectorGenerator object| JquerySelectorGeneratorPrevBorder string| JquerySelectorGeneratorPrevPath function| runJquerySelectorGenerator object| DIGIOH_STORAGE object| DIGIOH_LOCAL_STORAGE object| DIGIOH_CROSS_DOMAIN object| DIGIOH_COOKIE object| DIGIOH_IS_ANALYTICS_IDENTIFY_DONE object| DeviceAtlas function| DIGIOH_ANALYTICS function| getSubscriberEnriched function| getSubscriber function| updateSubscriber function| Keen object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery171008364930091208556_1615083784900 function| 4dm1r11545242527 string| __tpVersion object| jQuery1124010795058771698907 object| SWG object| cX function| cxCCE_callQueueExecute object| cxTest function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| PianoESPConfig object| cXNative object| jQuery171008364930091208556 object| __OW_AD_OPS_CONFIG__ object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| _bt object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval string| $$SPOTIM_VID$$ string| $$SPOTIM_BID$$ function| __SPOTIM_DISABLE_ADS__ object| SPOTIM object| webpackJsonpOpenwebConversationPage object| webpackChunk_spotim_conversation object| webpackJsonp_spotim_2087778507 object| spotim-analytics-pusher object| webpackJsonp object| webpackJsonp_spotim_survey object| Adform function| avPlayer object| storageAni object| GoogleGcLKhOms object| google_image_requests function| cnxAddEventListener

22 Cookies

Domain/Path Name / Value
.tapad.com/ Name: TapAd_TS
Value: 1615083797486
sync.aniview.com/ Name: 2_C_2
Value: 0eab7120-7eec-11eb-a660-1a7ccaea0406
.casalemedia.com/ Name: CMPRO
Value: 1838
.casalemedia.com/ Name: CMPS
Value: 656
.casalemedia.com/ Name: CMID
Value: YEQ5FeXDLEHXvkPbcd.C4QAA
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003&KRTB&17107-RX-77967e1d-e45d-45a0-a670-a2ee83ed494b-003
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6936732122777254029
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YEQ5EQAAAG4Duizr&KRTB&23194-YEQ5EQAAAG4Duizr&KRTB&23209-YEQ5EQAAAG4Duizr&KRTB&23244-YEQ5EQAAAG4Duizr
.casalemedia.com/ Name: CMST
Value: YEQ5FWBEORUA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-48398044-6b02-43b6-ac81-2c942856e6f5
.pubmatic.com/ Name: PugT
Value: 1615083805
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&22918-e1d875cd-72bc-4fe9-8414-488e29ed2798&KRTB&23031-e1d875cd-72bc-4fe9-8414-488e29ed2798
.casalemedia.com/ Name: CMRUM3
Value: 9860443915276029b742c1-c215-4d7b-b335-09719e4b3114
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8263388018784814492
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&16736-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23019-uid:947b6044-390a-4800-803f-30e22cd69a94&KRTB&23114-uid:947b6044-390a-4800-803f-30e22cd69a94
.tapad.com/ Name: TapAd_DID
Value: 13d240e5-7eec-11eb-afe8-5a9a02d33f5c
.aniview.com/ Name: 2_C_2
Value: 0eab7120-7eec-11eb-a660-1a7ccaea0406
.aniview.com/ Name: aniC
Value: 1615083791111-946152166051-020961-014-006912
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-DIYWibop2RXAtFaRhf87Wbdv&KRTB&23212-DIYWibop2RXAtFaRhf87Wbdv
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_6c4023b5-ec99-4d47-91b5-b3cf6ccdf999
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5384953386480437165

56 Console Messages

Source Level URL
Text
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS ||| no Piano, using all slots
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 436)
Message:
__ADS element on page div-gpt-ad-oop
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 1201)
Message:
__ADS element on page div-gpt-ad-leaderboard
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 1337)
Message:
__ADS element on page div-gpt-ad-right-sidebar-top
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 1458)
Message:
__ADS element on page div-gpt-ad-story-flex
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 1572)
Message:
__ADS element on page div-gpt-ad-story-two
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 1664)
Message:
__ADS element on page div-gpt-ad-story-three
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 1737)
Message:
__ADS element on page div-gpt-ad-story-four
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 2618)
Message:
__ADS element on page Desktop_InFeed_Articles_BTF
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 43)
Message:
__ADS enableSingleRequest
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 45)
Message:
__ADS disableInitialLoad
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 47)
Message:
__ADS enableServices
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 12)
Message:
__ADS defineSlot for /5856/Desktop_InFeed1_Articles div-gpt-ad-leaderboard
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 12)
Message:
__ADS defineSlot for /5856/Desktop_RR_Articles_Top div-gpt-ad-right-sidebar-top
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 12)
Message:
__ADS defineSlot for /5856/Desktop_RR_Articles_1 div-gpt-ad-story-flex
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 12)
Message:
__ADS defineSlot for /5856/Desktop_RR_Articles_2 div-gpt-ad-story-two
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 12)
Message:
__ADS defineSlot for /5856/Desktop_RR_Articles_3 div-gpt-ad-story-three
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 12)
Message:
__ADS defineSlot for /5856/Desktop_RR_Articles_4 div-gpt-ad-story-four
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 12)
Message:
__ADS defineSlot for /5856/Desktop_InFeed_Articles_BTF Desktop_InFeed_Articles_BTF
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS defineOutOfPageSlot div-gpt-ad-oop
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS checkAdsReady 10 8 8 div-gpt-ad-oop,div-gpt-ad-leaderboard,div-gpt-ad-right-sidebar-top,div-gpt-ad-story-flex,div-gpt-ad-story-two,div-gpt-ad-story-three,div-gpt-ad-story-four,Desktop_InFeed_Articles_BTF
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS APS fetch bids [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS prebid setting price buckets and consent management [object Object]
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS prebid adding ads w/ bids: [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS prebid request bids
console-api log URL: https://s.newsmaxfeednetwork.com/static/js/connectV5.js(Line 2)
Message:
Connect V5 version : 3.24 loaded
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 2986)
Message:
TP setUsePianoIdUserProvider
console-api log URL: https://launcher.spot.im/spot/sp_iyCBIB1C(Line 4)
Message:
[OpenWeb Launcher] v2.50.2
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://twt-assets.washtimes.com/js/global.ef0920d983d9.js(Line 22)
Message:
modal options
console-api log URL: https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/(Line 2922)
Message:
__ADS leaving outbrain -- undefined
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS APS callback, setDisplayBids
console-api log URL: https://secure.quantserve.com/quant.js(Line 2)
Message:
ERROR Sun Mar 07 2021 03:23:04 GMT+0100 (Central European Standard Time) [USPAPI] unsuccessful: [object Object]
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS prebid setTargetingForGPTAsync
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS slotmatch: 5856/Desktop_InFeed1_Articles Desktop_InFeed1_Articles
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS slotmatch: 5856/Desktop_RR_Articles_Top Desktop_RR_Articles_Top
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS slotmatch: 5856/Desktop_RR_Articles_1 Desktop_RR_Articles_1
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS slotmatch: 5856/Desktop_RR_Articles_2 Desktop_RR_Articles_2
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS slotmatch: 5856/Desktop_RR_Articles_3 Desktop_RR_Articles_3
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS slotmatch: 5856/Desktop_RR_Articles_4 Desktop_RR_Articles_4
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS slotmatch: 5856/Desktop_InFeed_Articles_BTF Desktop_InFeed_Articles_BTF
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS refresh ads
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS full ad set
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS display div-gpt-ad-oop
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS display div-gpt-ad-leaderboard
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS display div-gpt-ad-right-sidebar-top
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS display div-gpt-ad-story-flex
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS display div-gpt-ad-story-two
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS display div-gpt-ad-story-three
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS display div-gpt-ad-story-four
console-api log URL: https://twt-assets.washtimes.com/js/twt_app.26f6f8f49db8.js(Line 17)
Message:
__ADS display Desktop_InFeed_Articles_BTF
console-api warning URL: https://buy.tinypass.com/_sam/widget/dist/template/js/template.bundle,/libs/angular-1.2.22/i18n/angular-locale_en-us.js?v=12.102.3(Line 1)
Message:
Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
console-api warning URL: https://player.spotim.market/prebidlink/448634/hb_270443_241.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.washingtontimes.com/news/2021/mar/4/biden-administration-sides-with-cheerleader-in-fir/
console-api log URL: https://d1bvk193qme2fc.cloudfront.net/script.js(Line 1)
Message:
__ADS Failsafe timeout, sending ad server request

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
absorbingband.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.undertone.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adservice.google.dk
analytics-1.cavai.com
analytics.shareaholic.com
analytics.twitter.com
ap.lijit.com
api-2-0.spot.im
api.innerskinresearch.com
api.rlcdn.com
as-sec.casalemedia.com
assets.libsyn.com
assets.newsmaxwidget.com
aud.pubmatic.com
b-code.liadm.com
bat.bing.com
beacon-fra2-v4.rubiconproject.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
buy.tinypass.com
c.aaxads.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c2shb.ssp.yahoo.com
c631c1ccfb98181a9ab71575e3c6525a.safeframe.googlesyndication.com
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.boomtrain.com
cdn.cxense.com
cdn.embed.ly
cdn.feedbackify.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.tinypass.com
cdn.undertone.com
cds.connatix.com
cloud.cavai.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
cs.admanmedia.com
ct.pinterest.com
d1bvk193qme2fc.cloudfront.net
d5p.de17a.com
ddc2e4e831e3637bffa4015834812363.safeframe.googlesyndication.com
di.rlcdn.com
direct-events-collector.spot.im
dis.criteo.com
dpm.demdex.net
dsms0mj1bbhn4.cloudfront.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
events-collector.spot.im
events.api.boomtrain.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
ghb.adtelligent.com
go1.aniview.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
gw.geoedge.be
hb-api.omnitagjs.com
hb.spotim.market
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
html5-player.libsyn.com
i.clean.gg
i.liadm.com
i.piano.io
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id.tinypass.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.newsmaxwidget.com
images.outbrainimg.com
img.connatix.com
innerskinresearch.com
inv-nets.admixer.net
jadserve.postrelease.com
l3.aaxads.com
launcher.spot.im
lightboxapi.azurewebsites.net
log.outbrainimg.com
m9m6e2w5.stackpathcdn.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
maxcdn.bootstrapcdn.com
mcdp-nydc1.outbrain.com
media.washtimes.com
mlrc.informz.net
mug.criteo.com
mwzeom.zeotap.com
netdna.bootstrapcdn.com
odb.outbrain.com
onetag-sys.com
onsite.boomtrain.net
p.appixcdn.com
p4dt2-x71s7.ads.tremorhub.com
pagead2.googlesyndication.com
partner.googleadservices.com
people.api.boomtrain.com
pix.spot.im
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
player.aniview.com
player.spotim.market
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
publisher-assets.spot.im
pubmatic-match.dotomi.com
px.ads.linkedin.com
quantcount.com
rp.liadm.com
rp4.liadm.com
rtb.gumgum.com
rules.quantcount.com
rumcdn.geoedge.be
s.amazon-adsystem.com
s.newsmaxfeednetwork.com
s.ntv.io
s.pinimg.com
s.tribalfusion.com
s1.adform.net
s2s.aniview.com
sb.scorecardresearch.com
scdn.cxense.com
scomcluster.cxense.com
scripts.webcontentassessor.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
sp1cluster.cxense.com
spot-im-d.openx.net
ssl-static.libsyn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.ads-twitter.com
static.criteo.net
static.libsyn.com
static.newsmaxfeednetwork.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.extend.tv
sync.mathtag.com
sync.search.spotxchange.com
sync.spotim.market
sync.targeting.unrulymedia.com
t.co
token.rubiconproject.com
touchcr-web-assets.s3-us-west-1.amazonaws.com
tpc.googlesyndication.com
tps.doubleverify.com
track.adform.net
track1.aniview.com
trc.taboola.com
trends.newsmaxwidget.com
twt-assets.washtimes.com
twt-thumbs.washtimes.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
vid.connatix.com
vid.pubmatic.com
visitor.fiftyt.com
washingtontimes-d.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.aaxdetect.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lightboxcdn.com
www.linkedin.com
www.npttech.com
www.shareaholic.net
www.washingtontimes.com
x.bidswitch.net
x.dlx.addthis.com
ap.lijit.com
api.rlcdn.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
inv-nets.admixer.net
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
quantcount.com
s2s.aniview.com
vid.pubmatic.com
104.108.41.56
104.108.50.124
104.111.238.139
104.111.239.153
104.111.243.142
104.16.90.50
104.21.83.209
104.244.42.195
104.244.42.69
104.75.88.209
107.22.109.163
116.202.80.165
142.250.186.130
142.250.186.134
142.250.186.66
146.0.227.110
146.88.138.51
151.101.114.49
151.101.13.44
151.101.14.132
151.101.14.217
151.101.194.137
151.139.128.11
159.253.128.183
173.231.181.122
178.250.0.157
178.250.2.131
178.250.2.151
178.62.202.251
18.188.204.105
18.200.32.70
18.214.150.11
18.235.157.195
184.31.84.150
184.73.100.94
185.183.112.148
185.29.132.144
185.33.221.88
185.64.189.114
185.64.190.106
185.64.190.75
185.64.190.78
185.64.190.80
185.64.190.81
185.94.180.123
185.94.180.126
198.148.27.140
199.232.136.157
199.232.137.44
2.16.186.114
2.16.186.49
2.16.186.64
2.16.186.88
2.18.232.28
2.18.233.180
2.18.234.163
2.18.234.190
2.18.234.21
20.40.202.0
2001:4de0:ac19::1:b:3b
2001:678:cb4:bbbb::11
204.16.246.215
204.16.246.216
205.185.216.42
213.155.156.183
213.174.135.1
213.174.135.2
213.19.147.150
213.254.244.19
23.227.137.155
23.79.143.124
2600:1f18:444a:4680:1ed9:60e9:aafd:7d9f
2600:1f18:612b:4232:c38c:36a3:7af7:45e3
2600:1f18:730:b140:28d8:9783:2a08:4b54
2600:9000:20d7:1200:1f:2473:9080:93a1
2600:9000:20d7:1600:4:b37b:9440:93a1
2600:9000:20d7:2c00:c:d51b:4400:21
2600:9000:20d7:7400:6:44e3:f8c0:93a1
2600:9000:20d7:f600:1f:df94:f9c0:93a1
2600:9000:211e:9400:19:f03c:7200:21
2606:4700:10::6816:1857
2606:4700::6810:2a41
2606:4700::6810:4fa5
2606:4700::6811:bab1
2606:4700::6812:1337
2606:4700::6812:a21
2606:4700::6812:acf
2606:4700::6812:b21
2606:4700::6812:d05
2606:4700::6812:e234
2606:4700:e6::ac40:cf18
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2620:1ec:bdf::19
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00:286::2c79
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:2a2::1931
2a02:26f0:6c00:2bd::268b
2a02:26f0:6c00:2bf::268b
2a02:26f0:6c00::210:ba18
2a02:26f0:6c00::210:baf1
2a02:fa8:8806:16::1400
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
2a04:4e42:3::621
2a0c:5c81:5142::2
3.126.56.137
3.127.92.82
3.219.93.236
3.223.102.221
3.88.95.40
34.194.148.31
34.197.238.250
34.242.5.110
34.249.70.28
34.95.69.49
34.98.107.212
34.98.64.218
35.157.246.167
35.190.64.11
35.201.96.126
35.227.248.159
35.244.174.68
37.157.5.73
37.157.6.253
51.89.42.86
51.89.9.253
52.142.114.2
52.200.170.47
52.200.45.184
52.206.149.154
52.206.223.61
52.213.66.185
52.214.70.9
52.219.116.113
52.22.115.237
52.44.186.244
52.58.182.33
52.59.102.119
52.94.232.32
54.147.47.240
54.183.247.206
54.221.215.226
54.221.51.83
54.234.118.98
54.80.72.72
62.149.0.72
65.9.187.73
65.9.24.128
66.155.71.150
69.173.144.138
69.173.144.139
69.173.144.140
69.173.144.153
70.42.32.95
72.251.249.9
77.243.60.138
85.114.159.93
88.214.206.142
94.23.144.220
00517eb0b8cc4acef8d59e3b3ab0decfa0a2ca10c92b235edfa6e55dc5549667
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01745476fa67ef15daf1d7cae8abfc2915ea63f772b45d62d8dbb3aad4e3283e
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01c15d8d32b9d4215bb6f84980b96ede0bcc99f76cd9153edb606213c2414555
027cdd160b8cd7846376309f6a3f089087d4da7d1fe894dbfb41a7ca682420df
02adeabb3c149ce385dd90b54239913ebdf01a0ec177c654dcdd9c2a95289be2
03a0524fe404ef1faa37728c3a10ff6402e4e60bbde923eb5ea8c9bb978651f9
03cfa10f4ff3b40acc222b9961a21dcae96ed93dab7247d8ec0b4078e928a29e
0414e0055b41fc9e5a56f471c49c5ee1bf9127b5d02a8a3da9c1d46d26d1c8cd
042f1cef0d455760639cfd578141c2179ac3c0a147c4fed12863b00d216a882e
0433e2875e9fd2a1caa9a65ada9a17c5e9f03789da6463476fcd915396c6c6f0
043408d901653af0d904e54849944f83b37d2b20c195d8a900e7fa34c45dc257
04452c0387c3d96451472f2d978e9205f2a091336e220264b97624748055320c
04ec047c75d6b0fdf10ce69271b8ec041bfffdbdc14a4c0b7914c1eeeaa65b63
0665034c0fbb106559df18f216304d5365e2e3a987457fef0a3bc0a0531dd0f6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071585fa4034bc09ffe276b4b4e617a2d161c16c011d9403cfafdcee8f58cec0
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0865e09ce4a5b654d5d77e9f7af4b80223feb97b226160e98899b24d3ee86080
099cab8513e9629e5817e2c50f9aacd16eaed375b0b25dd832ca1ac1c5fd9ea2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c5dcd1ccd06b96706bfb627ce1f5036b8f82a2fe760c9b7b988b1e8513ff5f4
0cb85efa45ae31a2459ae163cc52090319d561f926029d106dd5071bdda3069e
0d644fb09b66c9cfd3aa6f9d72ab92f05abf9430fc2c7be9e38a7ad3c3505a8c
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dcb463daf7b766496ee5106d7cae352355755504ac87d8e850569d698501f84
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
0ff8c8bc7cbc2f3bd4d0ae9a99d3b08256da8e4b70e4e56dd2712b0f7eb06f25
1094f6eb88f12bf3a4d1292d28115e20c44ac684af936d8ae4cb02839bd3e63d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10eb41d427bfc520303ddd2030efa84b948af3148e19a2771ff4031a71d2b356
112c6256b2dfd5a651ed2ba1bb1f85f2fb66242ba600b609b45b2817f896c4c6
122df083771f07f5562ce2b55bac813ca2eed2cafe63eacb86053f8b286dbf20
1264b931fbd9f3fbf76fb380cd1cac24d487959da644d152b0a608179e0e6a25
164346316ca3ee6a3d7b0f85cf2c2afb022c2642a107fbac67851cee49ab820b
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
16bd9656ff0de76ced47ee75fb4f7381aae403250cd8d985d8e6780f154b6e04
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c0cb0ebf743477f9e97d6295da8220ae3aba001de8c452f31199cf52e785f8
19271e99d56c4fd36f7ca8c2f0c4d590b430b23f4af702073b001ddf9f20e03f
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1a012af949296922ae8041d0d91142a27eaea52ce930963078f3811171dc400a
1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664
1aadbfb6f8142869dbb048b379962129238cd05ce266dcdde26ea1b8d9bb58d2
1bc92fd2fcf02ab23bf434d20248d29690b562b406e32cb0888a440774d16fd8
1bccdc8953ce959207d04786b26d6aa28467edaa77d3bf484587ec2c2ff02930
1bd84082cb6b01c22887cf4966c3955bd4b67f36cb573701037b64c8969a9fc4
1c12edf93cf52968a046c92a4338e65588ca76cf8008b44121825c04eece4460
1c330e76b37cd7a1987de811216e0b1676c70f87a48c24d7f0c8ddae0c3e43aa
1c44242045dc39af8cabd69a1fb2e05614ef03a2002aebd1e2eef5f13fd72651
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1d2282aecff7280c1ebf5fd5ea54998037c6d9382ca6e4aec94eecfc83d0124a
1d4363cb3a69289032e814e14f8cd3d035fcb44c457b21dae15c772d3beae374
1d83b84f93c23e2d460bc66d69fa0b990fd3ff65d8f6368214892b1c5a5d01e7
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73
1e99a50bbc1d9a3fa157c312f7bf0732452a7f38b23c37363c830527def5f76d
1ebb708ce47b1ca44c86c31852dd8afd8b85ee475a57ace1d55eca81e64c7964
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
21bebc728ff3a8ec7568d27c924d5552f15b5f9975e37c7d12c5602c19ffa7b7
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c
224507312e7123d83cd11553c582e7a8318fff2aa15cf013c5c4e62590db2ae2
225ebe41cb3d26697acb9acf4d6f463f67d4ecffa7c85410d310a218c6564ad3
23027b0ceadc3f02c856416e352750e87f4c0d3af29044acdbc44ca6ceba2a10
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2433422ca32c2c99802b31e1c88cf1b252c906fad6726dac086c5bb47f9f3399
24bf977b8b12f84d612c8e996b96c1b82ee958f632cbf032f389f4fa0d383cae
25ddf878806a24c9653c53f9e84a895827721e45e28ee1d6bb358e3013740bc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
279f436725f4a1630df3e10f8bc54878aa29d8cd32ee2788784930163e17a382
2958e3b7f04c4b955a3c2c4d010ac05d8260dc0ca26b59c3ebdcf7f231aa83ae
296bf008ae5350af84f4f10e79119671264857052ce8277ade0a0b6d30a13939
29f9f805f765de6086e3ada4a6e0eb59714ae31fb6b447e800f9339357dc40d5
2a5f14af1d652183b7ed8e3fb9fe254a87be67dae835e9deef464dab635edfd8
2ad14cc5d0aa5fdccdb847e2644c0dc97dc1e0446ccf6f3900b928c2a6016ca6
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
2c00325a58c44f8115ec00183df5dadbdbfbb9ac75c314c4bd5107e64a283fe0
2c24582b42a00bdc66bd1a7cf42e89cf65e92c1aa2e84cc09921c8799dce0cea
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2c966bcad6807c88428e08bb9a3af745fb55bfced638d00d5ca7598009937e8d
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eac7a367a222cac0fdadfe8c77aa6d74dee0583d8694b1a892bdfad99738112
2f3c92f516785fa0a5a380599d7694e810b268fc16725cdb668e53d53670c98d
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
3133ab1ade9bb8f8697a83b3e8fdf82a4b95f23d77fc5ed63832c53ed3196a4f
31efbd793df081a9a00fda3c63718f35bdd0929a6acecc0c3d088d7985f9592a
344ca9bc7c87d50030fbf517311b9a9e6def112ddebafdf4eef2803c351ba2cb
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
34de1fb33befdece9970a71e9429a611d3630a1a4f898feb743c0142c12de4e1
35763c3a668e24d3e7aa5a31cf7377802aec02249544a1a07d69e376f78b3d0a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36d73ce2f32f33139d698bdda928627bc3d6a91636aa89f7b7cd6bdb4f59fa20
37180d9fd35707f0aa95cade2ae37c3e1e388fb8ac0f6403ba17f048c4f9dabb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37fb26153eb3a72ab91c5925ea7622b3757d244bafbe3d0ac2af583465fbf12c
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
385f5b822603705c87f8a2556d010cbd01a2e2d57d7240790a2ed2776f41cba9
38761bac34825034d9bf5e8614f5322874727b3cf9f63d68d568f7fa0e712695
3908e2584911e13c708b067f61a01df39fb3b96cbced9f89050f3b3f3c0706f4
3932ae74c4b03ec85f081863f23610a1e65df67d8bbc5e13ac27fa49a639e1a5
3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3c2cae5f5dd8f9ae93dbe8b19616bf2e2329c0c9f5f231e8cd3c4a6b31040f11
3c9693a18b32cde2c544a292c9f0d405982e2bd7ae4c59acf6dbbdd59424e232
3e19c66d1ed8bf66a90530f77503e7ce2181f776a41b3fe331529485ea4f7498
3e57440bf2180995422b9bda646ee287036081f59b8139370143d98409d16b6a
3ea534b0ca7d28e17ed8fc0633503b64fecbb4d710def5e081bff64b82f0218c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed154a0995f9a5597ccb3c567815c1222b7dd07843f761f700b9a9eb8cd3250
3f5fbc0660997d80fd33dfea089db0e957b9b1956b77b2cdfa7f90293e74efcf
3f930c87a11fe4bba81db7914e199b3e8cd51951d47e313baeb2359e0e5eafae
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
41a323aebc3859f6f1a306dfb986406202ef6742023dfb0df94bad0c4ba25de6
41dcb916808791070bfcb1381a07d00b2bcf921ffcab510dbaab8e5614ccff28
4466c20d8801a2f52d51509c6293f57f2595dad2e3047f49888c3a745acf50cb
448891304e15f4a4b07cca00f13552fa1b9d0d7815389794d9fd506f3ba48b47
44c7fba7f0cb5bbf1fee6f01f7ddc4be7ae231b5dc806f1f34470de152658d1c
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
472945724d2872456b70371b4304e70db53ab1a2f94993639dd1e436cd93bbaa
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4926af5d480e8012ac635b132536464330e4fb73257922380a9b2a13068fa22c
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
495a00e135488bceed77036d772ef7b8a8803965c57718eb9ae70dda49b0dda0
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4adc948e810968e073c6cbd8e9c5d8161194b859524e54bfaba278a676f7d30f
4b3a5342d64afc4bd38dd51f29ec3ac0cb2ca54b7f996d9b0f08d84458985bc0
4b52f7b6547e77d40ec2463b30963ed794f73849840ffc73d4760b3c61a68fdd
4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
4c3fc7b88cacbc18b7120689af183ea32a610cc7ab4316b2fee76e6220b9f178
4c561fed24bc233343725b988565d94f9d147a3eb45591863236c205337c12f3
4c934534eb9fefa3ae15481defd2ac395d108538ac932da8299c02d0bd3faca0
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d111c009e8f72310a442217dae106f80b191ff940c0a838bfac421f7e525aee
4d9f3dc6a67dea386a5982b327c737e5e34fff166147bbb7f308013ca2884722
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e17ba7f7adef76f755128e7a9fa4d16b2eeade4408de77e87d31456d38aa515
4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9
4e97bf2da8af9bb5e5b6cd72ced4e7423d8b8d6ccd218c517dc9d4f554e09b8b
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fb38d238fe5ebbbe02a24ccbafc6b114b01457e17f4d15cc42223bbe242917b
4febd1d11ff0258aabab8d42e40c23fd10fc97565bed2cdfa28d732671cdf08c
50f53a5d13fec64fcf90dc5633bd63aaa24c496bd03d096d63feea24cebb6f65
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
52706b959975285a1e757e73f1af8542e9c1c042489589accc5d6ce786eba0c2
5296c652e467dc0870ac989e3cd2263e2352d90e6c7a30ab4ba0f56cebf85310
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53fe6f4752b740bdb672721a52867a44cf638ebc34ca227a7e8a01e4f1157497
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56545761a3af81b1756405b66caad9029db9e3cea0434d48ae66da9d01894812
56674d6046543e640ff4beae11f6a9a612c60956e4f06e4c81da95d01f6dc4b0
56ed60d1cbe184c373041929f6236fc67eb233f9c0c19ad8208d2da96c73d528
576d24f840d9c3e2ba5189c77d22032b8fc5109a96072b7bc98c0b74ed4d86a4
57f105b6ad16722034adb0abcfaa7d75fa3c040b95ebfeb51f52e4bccdd0b687
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5900deffa4d8c0bf3687fb3769e7cbb3fb7fc3d4d54dd871f924d77dc7b93c50
595534185225c45c173b18748c071fcd7b4c823d8b2dff76c4d91f948658f5fe
5a577a487b1d74cd85cf5d1454ece91e6c311cc04bf201297ee02435eb5bd4a0
5af646098c0134ef356c939f7d27b67371b0986db04ad5e08bfa87401194f986
5c9627c63055b9988a78631e29b523934b1933aea2d03310dfdfc3710c44828f
5d156051e2f89e0ff43df5cc111ae7632bbf7492771c8569cd6e36e7f912aed2
5ddd862fd7f5fc36ec0acd14c6156f7000b45a50d5ed6ddf4ad0bc4343d2ba53
5e67498d3b55e633b89bd50a05e5a4e80125bd92b5c007c7ce29c0665f9aa33c
5eeaf17820a1131deca201df8e6e0ee60406edde21f2302f97c0ed59f39824d8
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fb72780007bce7b17f4ef81e784aee168b910a905f99ab490c23b98fc86b96f
606b721ca8e71e52029c4c3018193d4cde92954e0fec6d1c5a220bbb4e09b99d
60b3341f93e72974d7c6eb0f8f52067baed7e456ce4923b416a4298d4caad35b
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
63310e02bd70ef872c1d6a52c60efab8319830fb9368c1c7e3ef5882173758a1
651aa40c0caa18e5e1ac5d9a21cdabfaeb148e6e89cfbd29037c2315b79831f6
654b91c942f577f5bf6247cd8205f1052bfa3cb5cbcdd1aad2731797f776f0ec
65bf469492358ba34a82c58c7052ebe525d29c3de3f1ac9fc0ab55c0ab0bfa2b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
672b057f0d8f0570a57b11f69da5650c7e0d05fd937cafe2f9777bc717622b79
67b71c4b762cdaadf9d51c5329d273655935b91e672330e163ff2a102dc73221
6919342e1076b1ef8265582ed6a4e3659926413155e4354fd284ae4b66897a8f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c405a83e669ee5d0a63bf49d29ab0c302bafb6641f00a4fe213a861a3f0d68c
6c665bdb722ac70e8686c080dc2a3814b5ae3cedaa1ad83cc705860f873b5ab5
6d78ffe3c0f103ad744558af98b37552426a7175313fef73e0affa709213f0ec
6e0f006547bca3c24081d8800c009a631f19d18108683bf6ea19bdbc2bb01828
6e7dced3e80a11752f9080d37d182b7a018756cf2e128e74a503ec7d52160adf
6ecec59b25967f1bdaa608b17605aec20f75a0f75ca9caaf178fa13f0d0cc3c9
73894bf6166ee5424e58bf0ba1bcc7ffd6bc256d11ece70e5cb698914fc35418
73a6f3e8289d47f50cade01fe5ec478922b9e3a615f615525739b0862821a8cd
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
74454812806f5125d2ec8cbab938caf3732596c18021ab5efc0cb0b5f18b80ce
751460ffe3f20b5583d2e32a21c72eb81e1ceae833fc9dabbdedfe047a2349ad
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
78512513fc22684ffb14efa1d150dad7416207241c73fb7c087a01bc7b883dcc
785e2195d7c734800885cf45cf3c267a35603b120b11e89c139d76dfffc93f0d
78603dac45e6eb023fd1e817df6387a65aac2fc567d00e16ba7bc75a2ba02500
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7d1503b2c3953108b26f6ac15ae55abaedb60767c249d34661d3510080f5a9d8
7d4b2f6b3fc3777c64a4929b22668b2663fca41f9d664b113494d10db5ea18ca
7ee1ba65d5d40147a33d44ca9562576b4a97404f5f669ebf4716db9f082619d0
7f7e1f11eb1bbb42db2f2dcb9e831116d92d5a69e38cd1241bdc6852a9392301
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
800be243293e6d45f1a0393569ba3a9dc62b0a284a632e5890f4f40662a20f8a
80b61d2fc70eee642aed7435f362d8c68baa653a04e2d2d8cf351f5d6615cafc
81195f331f2b99c581a025c30c60537210853a5ec53ce76c7beef8987e8e3821
824bf3d2fcb0a762bf66d2a2f707e10b80b02f055e7ea767fbe0a1c11facc823
829459528fdf64d8725e1009a90759dfc3f70ca184958fbc435e76daa3c31b1d
82f24f21c53f556fc649c89f52fb7db4664408f9480597056331f05b9dde50ae
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30
85dcf9134e5d309882872c98e1caf93d700109b42f49d4ae3ad2f8ca6e12344f
86c3178d6f58b43c96e5bd809e4b11711fdb99fe897a9496d29d0f1999a3adaf
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
88ac7402288fb99657bb2aa25bc8898eb867a347759b592194df8dcead77ad63
8961431d93a9024ccb6d08a572aef6c75500f5edcfdab57ed669a0c1da9a839c
8a19721933e70954cf3f7a797cb6f09f70b77e2367f9ad6be41e6bce78cbc722
8a2fcfdaf09d42c2c7dbf1340ed918a86c0b6abd91a10fb5c99785782b7c2d51
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8af37987749f2706ccb0267dcc97f99dea65dd30dc701478c8f17454fb6d7b8b
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de18d9d36022c50913c7296137ff292d1e862505a5ac0d860b7845edcc7a52b
8e7d52b3c90b7aa9153106c34a11d1cde9341788368118f971631f623ae1e42a
8ee2b1a6f557ff4137385e35aabcd6797c34e98d8c8171c022e2132524a9a4e1
908830394e9c2c646a90edf75bbd0709f6c73efaed2361cef692f90e07e6dca8
90d45b081ddedc6d1a9edfde43110b1ef98ed463506b238b5b1e0da1c35494da
919b7f4e42fefadf325849815670dbe40a93884523078ec4f7aa16632485db36
91badbb966583dc65043ed3d00931c1a1d769a94ce5d02f117b2c83d8297e6af
92415e6d2a1342f75a9c9206116644be617a969e2469e011214b08eb39d3f8e4
9303fc4f30f2b569cbf41ef6dd903634784613e62503759a742b924978f10623
9352f11f5631f69e74b0c39907c373a0a653c00be97c59a7c1ba967b0a20f0b6
945e42dacd8d42114591a84d9bd3897d1e97abcb9fe92ad9510d0d0c82f6ae7f
956e494dc077beeb3220e5038ce0b3391a37b4247252f2310737f917382972f8
9636f762c3a9b90d0a06756c6db9c9e8c28d3dc081bed0d20fffd4d7389aab1a
96a5ad988a3d4cc44699ab37d3792c47b282f32f9414dde2b41dd036c4a12769
970eb8d95b86d1c5e93b2f421bc1b43c789f3aca4a737bbccc0b1330dd382df9
9738373257ba8c3223de6e50a3fb31603d78e2837c9a5d63ba4875fd6d21e79d
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
988691f1287ab21055dc60be6e33b8e40935f7c42050888dc23f1013a1e3121d
98f2d49a3ab8c5a102f7d7c90d440594b8d764136cd6587d5e5ab15bb89f21bb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a254f5ea188905ddd9a823dc27fc58db97c63ca74033f117697e3f55da0f72f
9aa160934f2025991a8a8490fd4285b58a9fbb2e5009205492f94d528e8c313f
9b18e7bfca8064c887385c5cf57bdbcb6f7d263d0fb9cb320d94bc1f82a62a7c
9b58f24149d76e6bc4c529a5f6468ddddb51b2cfed5605950be23b7662d4e2ee
9bdb31a2e71a28d7a60ff87fb0e38f47ddf6fbc9a208f3bf609e7e7ff36c541d
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cd881ace5bdbe410803fd5c8925bcc356103f50558d1ef84d0396c76c1f5f29
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9e8f906a264dbaa19f933695fa95b73b70a32a8621055dc18cc6bed1ad9cc927
9edd6a4a0299f37bbdb10f2702507d837c75cd6c582193c4b6f01b3007d76321
9fb45ceaaf3d076bd6133fb3a5728b6902bc0499104ab432f316d71a1d7e0e4e
a00fb7dba7339890bceec9ab12e82dfee541278cc6c2646ea2ca24516473f0ba
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a121acfef6f3c76e309c434d2536344c4c7b6a4474b1cdabfdf920f7ede25127
a1d5cff7604ee24a61f15e2528016de79359d541493c834c8b4a35e6645054eb
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a27e5a5f0470651ddf2e2b0f7ac3fb37861c0fac9daf7f4bbeff6c73a40c8892
a35ff8bfdba50957eedc8319a6ea78a8b9b26bc8a81700b8528e85e2431ce4bc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5088c618e38ccdf416a61febe45458baf8b4ef7024130b122c2405d5a1cdb25
a56eeaf10b740315ef66b7b210fa58919956cd30d727166a0fdecce16f58c211
a5a55bd9ca1e977582117c94589335b0e042272464781c9f610e244703aacb92
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
a86fae43a94ac408aab297fba5dff884ac532d1a7ad7264d5243dbc92ba6a154
ac221ce0776ae4044927485d5d8b9df74f99c57593405cfc59c03306f50c4b97
ac25edac7d3cc3aacd7d498a8ea40a26129661150feaee612b18fb6aadcda021
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac919fa93b392b013630727ec10130aabfd0f670275a4c75d35236c4e62a2e75
acf6640e824da848b632657670475a1855a1c5e4850f7cf1d1381a3e9cada575
adab1e55d321a65d4cc1abde330164c08c91229115cedb201979279136212941
adc9f90e80220607fed2a365ee3adf27f172a0a3f1b6de5c398fbcf3b0df43de
ae07da0b8bdaa74042237e5292bd98e9a7b4f6991843c1144757450b5573fd48
af69a3d88e77b6cc820fa5315924be1f2c68e457a76a6ab3aea6b1d8a93aa516
afb145bd40df8dffa617b6e9e404d0284c792dd7a3e40884b49df9c9279c625b
afb2bb429989ff7f7edb464b35161835c74c9172697acfe603de86150511d018
b04729edd9eee58f0026b7123ebaa0c4578d517f858fcc4fb83946e4aa7f05b7
b051c4614c0ed14a841d460c20a8adf57239756cdba737b949c2b30018586199
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b0cf450f40d6b936d64a4a2c320b258b2a842f7f3c65a6f11637d414a341e02e
b0f409b87bfbdd4e573c1039b5a552af73cf43f8540d34c3eeec8b97961ce67b
b0f9de106a74e4ef33b5107fb2217d841a582d58a5e686fa33d5035f00c57895
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b20394fb233b0e841738dd8193dbfdc8ea99822d35965ae861d1baa6a3c82b4a
b30d70ab6ab60c41964f3fa9f33808b917fef580c089f3b915d596141d0cf3e7
b3f1909ae98b09d0e3993bb6ff6e344acb85988745396f935250ca05ccd7e525
b44a4a7fa849e927e33dc8f8bfb1d1a5264ea46c5e68b2fd9ed3a000fc111b0a
b47e5237075b356e0f05ca40422cb2a28ddcc3a57e831c816b159f53f31d8d1c
b4ab0c9d469f5fc9747b8f7433e38ebcc71a9bde85103b9ed30606d37bdbc112
b53e03421cd79a7fe3d896ee7b78076a23580d79414a8b151b22f913cd1ed411
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b74adbd7895b438c9cbd370015885ce41373c9c012847458efd8b28632d870d9
b8537f15057d6c53be2a3e4c54c5cb10c9f319f93037fe8a4d0d9f699513763c
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
b962b98f17757f227d678539e32893e1488e6c5f015ad7ee46832b431b51b4b0
ba1a092576775e6261ff8c6985f1fc8a5cf64b641cabc822ffdf9f994e672cd3
bab016fe37c5521b05227b5619f7ed2a3eed92adaf853c330aa3556cf41fbda3
bb6d47a5519c8359fe17d2e82e6ed2bf1f48f4806aa2bb67cdf0bf10fc3d185b
bd0c3173c8506b16a7a46c784bec6c117f0c0e637b82cc229966c38d96275b57
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
be791aa6dd6914fa06f07af1406eda02c721a769308a40d73e3ea987cb2b43e5
be7e647a7c957e004f85a5cefe5b0002ce9d783d7f30f59fe26fec014d51078d
bfb4f77563176b8d6d555bfff5310beb5aef0366c5f535cacb1aad192ab2739a
bfe01da5cac23b8e496d7acf15ef710991f9ff008bf30273367596e0d3c43b89
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c0f4d2362b2031e33fc64626452d5bbac773a4e34efabc1808f5e6b58790b92d
c12a1743d492880c1d280b5ebbeeb14a18812f30e0007875949573b74b966497
c137ab2ff8bb9e130e4348edbcfb75e16a0a7379b04b41ef1f525992280cedef
c19c17717e0a355b639e72b32e2117916ce787672b84d757e572cd2157a0003f
c1ba1e480233e53f5346f2ca64fb2b6b79ad7d1ddf0042124202484379c92693
c1be5187242d584a1095ead787704d919c85df2ae6af5fca2b90c32317e775ee
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26cc7a5adcfbeab3c5efad4c4055f4e5e79426a618888a1b5475aefb4b448b2
c2aac98311995e600b9372f92b29dbf5cf2402b7863e58d93e74bc873676c6e1
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c4288ea598515bb42c621803902b970fa13ef30493867e8754f3732c56835b19
c48a4e2ced07184884f52d5f6af75124eb9ac336f7584dad1203c3e4dc989023
c49eea1e521ba7f142e540b4ec3704744fb818f7c49e86a22ba13c1a8cc48e57
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c81ad4a9000a2897481c140594fbd004df6928e95677b1fa1b0ea99cec2c11c3
ca1700296b9c4b2b4bf99d6cf9a5792d0d43f9c210a944535cfa2b2214486fbf
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa1a2c22b72f120310ab2e0263a16450b10af67331ee8969dae1e6adc6a0b64
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb7df8cbd57ac7124c2152294b1ea3bae6a667021cbc10a8d112bbef5c5663e3
cbdd09f8f307836a7360dc6c64ac8aff9b39ca77fb2889d7601e1c0e7117206b
cc42985f3a2fb62a6d4e881b8f630659f1461eee9b030f25caaa40c63cb13920
cc7616c02f5dafce044ba93d34d4a8a75623137ee30dc3986bf470ea250607ad
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
cd9316b3385fb95b84829ca457e83435bf55cd43a0914ff73ddc14f2731f899d
ce100a5b741a2b86f9b0082360688d6ba156eaddddbc29c78e4e7793f871cefa
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cee9374fc13a18761fed55a496af0a43f214255c97bb43af3b06f5b44589d03c
cf02237bea5954a7079f2c687c79f3d17d4afbc334d03a2b0e1b1c5eb455a482
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe55fdb128b3764be047413f3d4d7cdce074c1ea0d9fe01ec8f35f98031482c
d150a83c4c8354f634f88d0b21d16eabcc21bfb75b83296d27a1c4438e77fabd
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d32e86b4f1852db0604ee6709371fb28f432cf45b2ce5f50781fb9efef681030
d349d655fff413d9515ce9841c32df131d5753f12e1cdca41c7b72c4e899fd7e
d45dff5ca928c11671bda9f2bdb88987a64a2dece9e4ca09e1ebb0d7cce2a28d
d5148671ed403209f418e0b736904fcb71612a702c5d08006f27422dd16b2e93
d547afec38b7ae7f97311731485d8ee0aa40fcbf97609f1e875c9225d5e4c541
d66001f67ae05795438ab22f4e42d2d6fa8e1fc8d4f4f509326823d7c1e75e64
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6cdfc87873355bc3ffa410e7958b079720180b145628d77cb8d1a4346827d7c
d7a2c90101bbabde1d255182108e981a3cfda229f978d792bb9225b3a08ccbd8
d987b96e4134841680fe5ede6e7ca73c5e4cc58fcf618be8571872aa9b6a26eb
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
dc1ea69d6354f627ab8f83d77f411ab099671b3452e7ebfcbb337a22e4b98ebc
dc373a5fab34a58d708d77f8779f80ebe2143dffd125bcf53bd297db5454eb51
dc921297fedbb9b57738b8232395f4abd11b0b6075c2de8c56784bad09151786
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd7d955be20ca23d32b09984f8c4274fb95f3997c3fbcb0ae99f53b1f986d8f2
dda05078e2a959d34ed466b901a28ef05fe3790e7fe6a3cd4ba6e25e9091d6c0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df28da188fe7239191da0339300eca239e48b5ac70209f68a90eba74a7e7013f
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1423f2c3019bedfff7e2364ca9f8dc100abd6a14d9d65aca8e710b5a3dffc47
e1471958cfc76b91ab2f44dbf63d61ec73aff1883bcaa387d83f160d31edc9b8
e1667cbb4f37b8c9c4e1d5ef85831c06d69e066d4ec7e3349d05ce4fb9778fde
e1e98d3628ff12ae7dac76d752ec5afb9e3070f12dddb1d2943c5acd0c836336
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cf93bf7f912c113de3dcd5f5b4efaa254ccae246010df82ab1aff95dc24e22
e5efeec1c6dfae8e93bbf7509927ca9cbdd3f8a50bce9aec925e7720f6ceef33
e67c4ff2271958fc604083d965d81c5a5825556679b8340f76009537852ea389
e6b2629b8e9e0f63644435c2aca44bab5d8595a634f6f0150a97a8dfc5d20c9d
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e789db33efc14c107f45aa793f7458da901c9a0184e128ea48fcbd4575d73b57
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
e836ad6982ae2403bb0949a4a8282c23c026e58dc41258c62e115d2da11ef422
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e898be9760094910e11bbca4975c2bf4488a85b484d7995998612a5a497cf676
e94f4426e2a0165d50a9b25f375357ef06922ad522ca096a5ed3f83efd5b4e98
e99927b117a431d002d016853f9d56ccf53065686c483f8ce0429fa938490271
ea26a971949786128a5dcbb262ebfe777cb7a6a70750d2dcb8678cf653df6e99
ea4a59dfdd08e04aae4dc11ceb75b47497ab4cf3caacc3e27ab8e78e0219f6a3
ebfbd0e34a6fea2a069a8b72244af2db2a48b0d1b0c94050e7202543a06b1e47
ece093e3ec88dbfb93b990f06d662fb1b44860d4a94ed3ddf50f94485d43ce91
ed12b8f75afb8edd258e8bcbd195c0a2e75ba94b4d87608ab3952e9e03cd0a5b
eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
ee9a9d7e3b40a4af93a5a79da5f7d62f303e9dea244621b1d564bba5cad163ea
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f10f8963116cb67b19661d201df8f988a4cb0818864da9e868da2d279428913d
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f2092ab5b58ee05742a711f65fe3021be81a1d243a14109ad140ef42cfb6382f
f24cb9754dd6ef065d4744e49cd4b462016484aac9a418bbf1ae732ab9f33b5c
f27985f1488a0b3a15971c67dabecc5e34399f60f86ef3a459f3f87e65da51eb
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f2ca4f0f5bdccf0c6329a2a940ad84c3c26e103ceac646a8404913d1bd9f478f
f3787bf19c91edf134c15d82598a16a697b94bbcb96351eb6c434e8ced57a881
f46e8aea81be0e5d86904d49c8d3bf3d0353e51aa5e6f900a935d5c3b17e0b6b
f5e1465efda93e6d84d0c9d47544ad901016e7ede87db8f4066a24a3303ae027
f60efe58830b27bcd317e0ca19bc802c0123ce13f9293368929b0cc84353e403
f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b
f66d397728bc85503e92acca1822af9374bb95062fc8b81fa9f2892f156875ab
f695bd419cc1cc4959996d1441e57fb34dc4da7c4dd369d088fc9ed320069066
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7795979514d9e61c4c568dcc757c0ef6240591cedcb7a2cd8fa7b0510ce0611
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f84f8ae0086c5412c21e03686eaec54b00ca0d8252985423d22e79d0a46bdfbf
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
f985b36ef9de4c44709a1ecaa72d230016ecf311d388006b3cdc737b6678ffcb
f9fe53aff6ce2f05d1cbd106f6c82a73a2ea309138f31600cf38d3ff927f5e53
fa63c2e8d73aaff6e812bd11986905d56ba316bd3c3c24e4a2c76e45c911c21d
fbb8898b0e38e36436a5ef997551a44acf2febde285876557e44be8940b98796
fca0b268544f5127f37eba410a1a97bb020d9cd9ac4b10a2a3f575295272a605
fda12daf24a016c8b523bce28ae00077db0749ef28dd01b8cd8b8e70c13f4f64
ff4a553485d64dc68694388a8ff51cfe6d18e9f50582d3e4e2894c2a1c77c383
ff5c833bd9bae05ff2fa26387edda5c51549f72e5d18eb84c38a74a967370500
ffada400199a9d8f0e63330429f6964f7d6c62ad954d28c2bda59db302407678