crooked.com Open in urlscan Pro
2620:12a:8000::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://crookedmediareads.com/
Effective URL:
https://crooked.com/crookedmediareads/
Submission: On February 20 via api (February 20th 2024, 4:03:06 pm UTC) from BE — Scanned from NL

Summary HTTP 58 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 58 HTTP transactions. The main IP is 2620:12a:8000::1, located in United States and belongs to FASTLY, US. The main domain is crooked.com.
TLS certificate: Issued by R3 on January 18th 2024. Valid for: 3 months.

This is the only time crooked.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2620:12a:8000::1 2620:12a:8000::1	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2.19.96.146 2.19.96.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6813:a641	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.226.91.99 54.226.91.99	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c1f::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.66.192.31 18.66.192.31	16509 (AMAZON-02) (AMAZON-02)
1	95.101.44.28 95.101.44.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
58	17

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

crookedmediareads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2620:12a:8000::1 (United States)

ASN54113 (FASTLY, US)

crooked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.96.146 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-146.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:a641 (United States)

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.226.91.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-91-99.compute-1.amazonaws.com

boards.greenhouse.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1f::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.192.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-31.muc50.r.cloudfront.net

downloads.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.44.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-44-28.deploy.static.akamaitechnologies.com

mc.us19.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	crooked.com crooked.com	9 MB
7	mailchimp.com downloads.mailchimp.com — Cisco Umbrella Rank: 15551	116 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 2000	22 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 708	143 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 260	723 B
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 4541 cdn.acsbapp.com — Cisco Umbrella Rank: 4745	92 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 113	410 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	69 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	166 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 737	29 KB
1	list-manage.com mc.us19.list-manage.com — Cisco Umbrella Rank: 121878	8 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	greenhouse.io boards.greenhouse.io — Cisco Umbrella Rank: 54827	2 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2819	161 KB
1	crookedmediareads.com 1 redirects crookedmediareads.com	446 B
58	15

	Domain	Requested by
25	crooked.com	crooked.com
7	downloads.mailchimp.com	crooked.com downloads.mailchimp.com
5	analytics.tiktok.com	crooked.com analytics.tiktok.com
4	www.google-analytics.com	crooked.com
2	bam.nr-data.net	crooked.com
2	stats.g.doubleclick.net	crooked.com
2	connect.facebook.net	crooked.com
2	www.googletagmanager.com	crooked.com
1	js-agent.newrelic.com	crooked.com
1	cdn.acsbapp.com	acsbapp.com
1	mc.us19.list-manage.com	crooked.com
1	acsbapp.com	crooked.com
1	www.facebook.com	crooked.com
1	region1.google-analytics.com	www.googletagmanager.com
1	boards.greenhouse.io	crooked.com
1	res.cloudinary.com	crooked.com
1	crookedmediareads.com	1 redirects
58	17

This site contains links to these domains. Also see Links.

Domain
accessibe.com
crooked.supercast.com
store.crooked.com
votesaveamerica.com
crooked-coffee.com
zandoprojects.com
bookshop.org
www.amazon.com
www.barnesandnoble.com
www.target.com
www.booksamillion.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
crooked.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2024-06-22`	6 months	crt.sh
*.greenhouse.io R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
acsbapp.com GTS CA 1P5	`2023-12-26` - `2024-03-25`	3 months	crt.sh
downloads.mailchimp.com Amazon RSA 2048 M02	`2023-06-20` - `2024-07-17`	a year	crt.sh
wildcardsan.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-12` - `2024-09-11`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://crooked.com/crookedmediareads/
Frame ID: BF922B5612480D18BFA09BAF150670B0
Requests: 54 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/common.css
Frame ID: 08E505020F3E365CEFEF4FEEDDCE9612
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/common.css
Frame ID: 02046E29C3F1E3AE483CC2CF6F0711BF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crooked Media Reads | Crooked MediaFaceBook IconTwitter IconInstagram Icon

Page URL History Show full URLs

https://crookedmediareads.com/ HTTP 301
https://crooked.com/crookedmediareads/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

58
Requests

98 %
HTTPS

65 %
IPv6

15
Domains

17
Subdomains

17
IPs

3
Countries

10203 kB
Transfer

18442 kB
Size

12
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://crooked.supercast.com/
Title: SUBSCRIBE TO FRIENDS OF THE POD FOR EXCLUSIVE SHOWS FROM DAN PFEIFFER & MORE. SUBSCRIBE TO FRIENDS OF THE POD FOR EXCLUSIVE SHOWS FROM DAN PFEIFFER & MORE.

Search URL Search Domain Scan URL

URL: https://store.crooked.com/
Title: Merch

Search URL Search Domain Scan URL

URL: https://store.crooked.com/collections/crooked-coffee
Title: Coffee

Search URL Search Domain Scan URL

URL: https://votesaveamerica.com/
Title: Vote Save America

Search URL Search Domain Scan URL

URL: https://crooked-coffee.com/
Title: Coffee

Search URL Search Domain Scan URL

URL: https://zandoprojects.com/books/democracyorelse/
Title: PRE-ORDER NOW

Search URL Search Domain Scan URL

URL: https://bookshop.org/p/books/democracy-or-else-how-to-save-america-in-10-easy-steps-signed-edition-jon-favreau/20716143?ean=9781638931850
Title: Bookshop.org

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Democracy-Else-Save-America-Steps/dp/1638931437/ref=sr_1_1?crid=1DPG1J2EW9UJG&keywords=democracy+or+else+jon+favreau&qid=1697576954&sprefix=democracy+or+else+jon+favreu%2Caps%2C51&sr=8-1
Title: Amazon

Search URL Search Domain Scan URL

URL: https://www.barnesandnoble.com/w/zando-title-to-be-announced-zando-author-to-be-announced/1143927323?ean=9781638931430
Title: Barnes & Noble

Search URL Search Domain Scan URL

URL: https://www.target.com/p/democracy-or-else-by-jon-favreau-jon-lovett-tommy-vietor-hardcover/-/A-89785647#lnk=sametab
Title: Target

Search URL Search Domain Scan URL

URL: https://www.booksamillion.com/p/Zando-Title-Be-Announced/Zando-Author-to-Be-Announced/9781638931430?id=8975772060615
Title: Books-A-Million

Search URL Search Domain Scan URL

URL: https://bookshop.org/p/books/mobility-lydia-kiesling/18547461?aid=94387&ean=9781638930563&listref=crooked-media-reads
Title: Order Here

Search URL Search Domain Scan URL

URL: https://zandoprojects.com/
Title: ZandoProjects.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrookedMedia/
Title: FaceBook Icon FaceBook Icon

Search URL Search Domain Scan URL

URL: https://twitter.com/crookedmedia
Title: Twitter Icon Twitter Icon

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crookedmedia/
Title: Instagram Icon Instagram Icon

Search URL Search Domain Scan URL

URL: https://www.youtube.com/crookedmedia/
Title: .st0-youtube{fill:#FFFFFF;}

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://crookedmediareads.com/ HTTP 301
https://crooked.com/crookedmediareads/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
crooked.com/crookedmediareads/
Redirect Chain

https://crookedmediareads.com/
https://crooked.com/crookedmediareads/

128 KB
44 KB

751ms
419ms

Document
text/html

2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cae067a52d9d766ef04d0ad5e452087c0ad9a10c76a08f3e3ce889266dd2417e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 549
cache-control: public, max-age=600
content-encoding: gzip
content-length: 45037
content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 16:02:59 GMT
link: <https://crooked.com/wp-json/>; rel="https://api.w.org/" <https://crooked.com/wp-json/wp/v2/pages/21547>; rel="alternate"; type="application/json" <https://crooked.com/?p=21547>; rel=shortlink
server: nginx
strict-transport-security: max-age=300
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 3, 0
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-pxz8w
x-served-by: cache-chi-kigq8000128-CHI, cache-bom4741-BOM
x-styx-req-id: 3c58ef40-d008-11ee-9b97-de3662c7f895
x-timer: S1708444979.440042,VS0,VE257

Redirect headers

cache-control: max-age=3600
cf-ray: 8587fa1ed967b939-AMS
date: Tue, 20 Feb 2024 16:02:59 GMT
expires: Tue, 20 Feb 2024 17:02:59 GMT
location: https://crooked.com/crookedmediareads/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FF3k7ukJIO%2BxuDbCyS0RT%2Ftd7jU2FlR1FgNwyJcORtbCrcWS0NOmDnRkC7n5ltbd6GKrzB5pMxpF4FPFRBg9UdrMr4CA7G46d1GoHYsL9DTqyU6lBR3yL6CqDwKq%2FjRmozx6GdNBqJ8eO7x4qkuA8OH8%2BE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
74 KB 122ms
68ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KL749DH

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f477d795b837a5e42372c8a0e652ce8ae04ebbeb70ecead0942dde532ee7e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:02:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75313
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Feb 2024 16:02:59 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 72ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 20 Feb 2024 16:02:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: pOxjph2+dz2aVMruYHDFY16HZZe+ezJjJsPXLO4DHukPCLxIzJlCNMr35tcHqrPnxyRtPtwaAJfS/Qiuy//cBg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 260ms
151ms Script
application/javascript 2.19.96.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CI0IJRBC77U8RIVTAU20&lib=ttq
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.146 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 572554b91658dd0a4253626ab4d59f0b1d378cd1c90faa1ce16b3e3bd1e77bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id: 564f5fca.7a790fe
date: Tue, 20 Feb 2024 16:03:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240220160300C7AA4D15351D9B5CCD0C-6F45F3AFF0C8118C-00
x-cache: TCP_MISS from a2-19-96-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 97,2.19.96.142
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=7, inner; dur=4
content-length: 1332
pragma: no-cache
server: nginx
x-tt-logid: 20240220160300C7AA4D15351D9B5CCD0C
x-cache-remote: TCP_MISS from a23-48-100-173.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.100.173
x-tt-trace-host: 01b33b10dbdc09993e3947bd9c31ec43b6a4abd80246ceef9a65fc02445505230d45ee22316ee8c8000956cafd7b22b2cd78f0a6f20365286af542a6b193f4c63c62354b05637d376ea96681836b3d78e00564cc7d510dd92be9c63b052b4a7b152b5454a5e8154703095dff838373c5ae
expires: Tue, 20 Feb 2024 16:03:00 GMT

GET
H2 200 style.min.css
crooked.com/wp-includes/css/dist/block-library/ 108 KB
19 KB 156ms
156ms Stylesheet
text/css 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:04 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:02:59 GMT
age: 1182115
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7bd748dd7c-9h4cj
content-length: 18736
x-served-by: cache-chi-klot8100177-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:17 GMT
server: nginx
x-timer: S1708444980.910690,VS0,VE2
etag: W/"65c2c325-1ae43"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 3109d3c8-c549-11ee-bbaa-d6e33006396c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 32

GET
H2 200 orgSeries-extra.css
crooked.com/wp-content/plugins/organize-series-extra-tokens/ 98 B
304 B 181ms
181ms Stylesheet
text/css 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/plugins/organize-series-extra-tokens/orgSeries-extra.css?ver=6.4.3

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6dabcad526fb659d75b723d7fa58f42c0ab463eab4ed84bc87a9d6bbed3ae856

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:04 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:02:59 GMT
age: 1182116
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-h94wf
content-length: 107
x-served-by: cache-chi-klot8100035-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:13 GMT
server: nginx
x-timer: S1708444980.911342,VS0,VE3
etag: W/"65c2c321-62"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 3109a018-c549-11ee-b8ce-aaf665ccb80d
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 orgSeries.css
crooked.com/wp-content/plugins/organize-series/ 5 KB
1 KB 182ms
182ms Stylesheet
text/css 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/plugins/organize-series/orgSeries.css?ver=6.4.3

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

05f4795c89c9f42e21e0e0fcef046a5348e8a54913f9285face1397c27f2552a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:04 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:02:59 GMT
age: 1182116
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-h94wf
content-length: 1234
x-served-by: cache-chi-klot8100170-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:14 GMT
server: nginx
x-timer: S1708444980.911305,VS0,VE3
etag: W/"65c2c322-12f8"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 310b9554-c549-11ee-b8ce-aaf665ccb80d
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 main.css
crooked.com/wp-content/themes/crooked/compiled/ 654 KB
154 KB 206ms
206ms Stylesheet
text/css 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ba6688cbafdd6a56181c3e3107528e2555fbb2fa279ed44bfa8893c6bd6db6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 18 Feb 2025 21:05:20 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:02:59 GMT
age: 154660
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-pxz8w
content-length: 157126
x-served-by: cache-chi-kigq8000120-CHI, cache-bom4741-BOM
last-modified: Sat, 17 Feb 2024 01:42:23 GMT
server: nginx
x-timer: S1708444980.911281,VS0,VE4
etag: W/"65d00eff-a3783"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 6cc39341-cea1-11ee-97e7-de3662c7f895
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 doe-homepage-desktop-565466-2czsNBZM.jpg
res.cloudinary.com/crooked-media/images/f_auto,q_auto/v1705688045/crooked/doe-homepage-desktop-565466-2czsNBZM/ 161 KB
161 KB 125ms
51ms Image
image/webp 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/crooked-media/images/f_auto,q_auto/v1705688045/crooked/doe-homepage-desktop-565466-2czsNBZM/doe-homepage-desktop-565466-2czsNBZM.jpg?_i=AA

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d495c19fa8b489f862c098c5dd75a9de695e8ce1b726f678d1183faaa62c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:02:59 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="doe-homepage-desktop-565466-2czsNBZM.jpg"
server-timing: cld-cloudflare;dur=22;start=2024-02-20T16:02:59.924Z;desc=hit,rtt;dur=17,content-info;desc="width=2561,height=1401,bytes=164506,owidth=2561,oheight=1401,obytes=967013,ef=(1,11,13,17);"
content-length: 164506
last-modified: Fri, 19 Jan 2024 18:14:50 GMT
server: cloudflare
etag: "307058d26f21a362fbe90c6108afb22d"
vary: Accept,User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 8587fa247805b8ba-AMS
timing-allow-origin: *

GET
H2 200 doe-social-4x5-806345-j9EvhOwg.png
crooked.com/wp-content/uploads/2024/01/ 3 MB
3 MB 1525ms
1525ms Image
image/png 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/uploads/2024/01/doe-social-4x5-806345-j9EvhOwg.png

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0469d873598ac622b32ecc0522b9ad7d194e771f8f3478510f4e1f725d0d34b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe1-a-7bd748dd7c-zpjmm
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:01 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sun, 09 Feb 2025 02:53:51 GMT
age: 627528
x-cache: HIT, MISS
content-length: 3640127
x-served-by: cache-chi-kigq8000081-CHI, cache-bom4741-BOM
last-modified: Tue, 23 Jan 2024 08:26:38 GMT
server: nginx
x-timer: S1708444980.911879,VS0,VE1360
etag: "65af783e-378b3f"
content-type: image/png
x-styx-req-id: 746f8827-c6f6-11ee-81c7-de5b0d54b8ac
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 img-8400-090892-1EARc6dw.jpg
crooked.com/wp-content/uploads/2023/10/ 149 KB
150 KB 292ms
291ms Image
image/jpeg 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/uploads/2023/10/img-8400-090892-1EARc6dw.jpg

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d0c8cdaaba68ef9d690d3973386c24fc2037399fd8648058f83221e2b83dfe6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe1-a-7bd748dd7c-2fz22
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
expires: Mon, 10 Feb 2025 22:11:00 GMT
age: 841920
x-cache: HIT, HIT
content-length: 152878
x-served-by: cache-chi-kigq8000162-CHI, cache-bom4741-BOM
last-modified: Tue, 23 Jan 2024 08:23:18 GMT
server: nginx
x-timer: S1708444980.072010,VS0,VE3
etag: "65af7776-2552e"
content-type: image/jpeg
x-styx-req-id: 459c1638-c861-11ee-a3c8-26c833b571ee
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 cmr-logo-pink-269909-y3TRXN03.png
crooked.com/wp-content/uploads/2023/10/ 28 KB
28 KB 167ms
165ms Image
image/png 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/uploads/2023/10/cmr-logo-pink-269909-y3TRXN03.png

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c7344c1bd0628ca5bf34acec777a9990a355e391974069bec5b22a10c1533f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe1-b-86568b7775-77zgl
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 06 Feb 2025 23:54:40 GMT
age: 519620
x-cache: HIT, HIT
content-length: 28422
x-served-by: cache-chi-klot8100137-CHI, cache-bom4741-BOM
last-modified: Tue, 23 Jan 2024 08:23:01 GMT
server: nginx
x-timer: S1708444980.366078,VS0,VE4
etag: "65af7765-6f06"
content-type: image/png
x-styx-req-id: 17b22dd7-c54b-11ee-baea-7e10374d52f5
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 mobility-bookcover-005573-AjHzG6Ay.png
crooked.com/wp-content/uploads/2023/10/ 1 MB
1 MB 693ms
691ms Image
image/png 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/uploads/2023/10/mobility-bookcover-005573-AjHzG6Ay.png

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1d02bfd9cb11689fa61ed6140411c6880a486a431f2d5cb59a05c3de755bef6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe1-b-86568b7775-bdks7
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
expires: Mon, 10 Feb 2025 08:31:00 GMT
age: 174286
x-cache: HIT, HIT
content-length: 1316819
x-served-by: cache-chi-klot8100149-CHI, cache-bom4741-BOM
last-modified: Tue, 23 Jan 2024 08:23:26 GMT
server: nginx
x-timer: S1708444980.367451,VS0,VE249
etag: "65af777e-1417d3"
content-type: image/png
x-styx-req-id: b8411414-c7ee-11ee-8818-46987ed7dc75
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 ema-396155-gwB3I8PS.png
crooked.com/wp-content/uploads/2023/10/ 602 KB
602 KB 178ms
176ms Image
image/png 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/uploads/2023/10/ema-396155-gwB3I8PS.png

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

268b47ae5d91a57ee3af302a6b76ba61cd46ece6604482129d4668f52c1eb02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe1-a-7bd748dd7c-zpjmm
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sun, 09 Feb 2025 08:15:38 GMT
age: 978441
x-cache: HIT, HIT
content-length: 616169
x-served-by: cache-chi-kigq8000165-CHI, cache-bom4741-BOM
last-modified: Tue, 23 Jan 2024 08:23:07 GMT
server: nginx
x-timer: S1708444980.367571,VS0,VE6
etag: "65af776b-966e9"
content-type: image/png
x-styx-req-id: 68b1fea6-c723-11ee-81c7-de5b0d54b8ac
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 emily-621329-m6kAM0uN.png
crooked.com/wp-content/uploads/2023/10/ 702 KB
703 KB 179ms
177ms Image
image/png 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/uploads/2023/10/emily-621329-m6kAM0uN.png

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3eafcc7f0192c4e0c2d420678c2db5f0e5066f9bc5aefc71d41cdd75e5624c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe1-b-86568b7775-h94wf
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
expires: Mon, 10 Feb 2025 22:11:00 GMT
age: 841920
x-cache: HIT, HIT
content-length: 718856
x-served-by: cache-chi-kigq8000083-CHI, cache-bom4741-BOM
last-modified: Tue, 23 Jan 2024 08:23:08 GMT
server: nginx
x-timer: S1708444980.367802,VS0,VE6
etag: "65af776c-af808"
content-type: image/png
x-styx-req-id: 45b022ae-c861-11ee-b8ce-aaf665ccb80d
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
BLOB 200
OK aeaca52e-dc6d-4e75-9d5f-c2967634c8e0
https://crooked.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://crooked.com/aeaca52e-dc6d-4e75-9d5f-c2967634c8e0
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 litman-129048-STHpMdlb.png
crooked.com/wp-content/uploads/2023/12/ 161 KB
162 KB 695ms
694ms Image
image/png 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/uploads/2023/12/litman-129048-STHpMdlb.png

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

00f41ddec21a967b5f4695ba7fb6623604fb6654ea47bd4a94bd566471408adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe1-a-7bd748dd7c-xnmbl
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sun, 16 Feb 2025 15:56:15 GMT
age: 346005
x-cache: HIT, MISS
content-length: 165091
x-served-by: cache-chi-kigq8000147-CHI, cache-bom4741-BOM
last-modified: Tue, 23 Jan 2024 08:26:04 GMT
server: nginx
x-timer: S1708444980.368010,VS0,VE309
etag: "65af781c-284e3"
content-type: image/png
x-styx-req-id: e9f84070-cce3-11ee-8c15-be43ae26a604
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 bypass.js Show response
crooked.com/wp-content/plugins/bypass-iframe-height-limit/js/ 2 KB
1 KB 172ms
170ms Script
application/x-javascript 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/plugins/bypass-iframe-height-limit/js/bypass.js?ver=6.4.3

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

179667910358486f89822e5ac97e39bfe14f1ba016b33e909323226ebd1f257b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 01:14:28 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:03:00 GMT
age: 571712
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7bd748dd7c-8cnxr
content-length: 990
x-served-by: cache-chi-kigq8000067-CHI, cache-bom4741-BOM
last-modified: Tue, 13 Feb 2024 08:35:32 GMT
server: nginx
x-timer: S1708444980.366470,VS0,VE4
etag: W/"65cb29d4-854"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 669f60ec-cad6-11ee-a1ae-662b7cc437ca
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 app.js Show response
crooked.com/wp-content/themes/crooked/compiled/js/ 8 MB
2 MB 443ms
441ms Script
application/x-javascript 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/themes/crooked/compiled/js/app.js?ver=1708290277

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

164a44a952c426c99e148e18f6ecab47c1aa3bcc992aa39e7942202e1d1329d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 18 Feb 2025 21:05:20 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:03:00 GMT
age: 154660
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-8zfp8
content-length: 2458315
x-served-by: cache-chi-kigq8000050-CHI, cache-bom4741-BOM
last-modified: Sun, 18 Feb 2024 21:04:37 GMT
server: nginx
x-timer: S1708444980.367529,VS0,VE23
etag: W/"65d270e5-853a2c"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 6ccc3cc1-cea1-11ee-9f71-6ea307aa86bd
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 js Show response
boards.greenhouse.io/embed/job_board/ 5 KB
2 KB 337ms
115ms Script
text/html 54.226.91.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://boards.greenhouse.io/embed/job_board/js?for=crookedmedia

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.226.91.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-91-99.compute-1.amazonaws.com

Software

Resource Hash

2dd4ca741a94a782dc61d2f88d480f2bc2ea2a723f710af636323c10d794a0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-runtime: 0.010624
date: Tue, 20 Feb 2024 16:03:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"2dd4ca741a94a782dc61d2f88d480f2b"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: 39c03e95fa2c055670bb6892578fb619

GET
H2 200 278976489405677 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 152ms
150ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/278976489405677?v=2.9.147&r=stable&domain=crooked.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc62836001dad2396681aa3df04168bc2ce9229630658e1bf26847510f71c5ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 20 Feb 2024 16:03:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 1BX7+t3rre08mj34BUGqUvb892pXErCtIhHQq5jLMLUY2+bDV+3hnYq1+xw4QxlOKqgIr3aMXnzLNW0/9KUC9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
92 KB 76ms
74ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KN0BF907JT&l=dataLayer&cx=c

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f042c5c26cabd45b5f074e853f1473e1549ddad40275f5209af73697e738055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93662
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Feb 2024 16:03:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 160ms
47ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Feb 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 891
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 20 Feb 2024 17:48:09 GMT

GET
H2 200 icon-cta-arrow.svg
crooked.com/wp-content/themes/crooked/images/ 166 B
438 B 169ms
169ms Image
image/svg+xml 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/themes/crooked/images/icon-cta-arrow.svg

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6aa3424d9288133c9e90f11409d9790623b82e20145c53f7f0421d78809be0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
Origin: https://crooked.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:23 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:03:00 GMT
age: 1182096
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-jl44w
content-length: 151
x-served-by: cache-chi-kigq8000103-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:12 GMT
server: nginx
x-timer: S1708444980.368327,VS0,VE3
etag: W/"65c2c320-a6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 3c76dd5a-c549-11ee-bd57-82cd23673532
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 icon-chevron-down.svg
crooked.com/wp-content/themes/crooked/images/ 210 B
437 B 488ms
488ms Image
image/svg+xml 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/themes/crooked/images/icon-chevron-down.svg

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

049e85081d0e7f378727a5175517648e10724601b45793899f5eb3b534077a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 20:02:20 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:03:00 GMT
age: 676841
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-r8j7b
content-length: 178
x-served-by: cache-chi-kigq8000042-CHI, cache-bom4741-BOM
last-modified: Sun, 11 Feb 2024 16:49:05 GMT
server: nginx
x-timer: S1708444981.520388,VS0,VE5
etag: W/"65c8fa81-d2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: a0f1dd30-c9e1-11ee-9958-9a89384afd6a
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 icon-external-link.svg
crooked.com/wp-content/themes/crooked/images/ 110 B
389 B 488ms
488ms Image
image/svg+xml 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/themes/crooked/images/icon-external-link.svg

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

362fe6cb1cc83ac67355b2b8d6d6e508283311a3d8c29fddbe4dcba69d663148

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:23 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:03:00 GMT
age: 1182097
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7bd748dd7c-9h4cj
content-length: 123
x-served-by: cache-chi-klot8100092-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:12 GMT
server: nginx
x-timer: S1708444981.520323,VS0,VE5
etag: W/"65c2c320-6e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 3c76d3f3-c549-11ee-bbaa-d6e33006396c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 148, 1

GET
H2 200 icon-search-black.svg
crooked.com/wp-content/themes/crooked/images/ 232 B
481 B 489ms
489ms Image
image/svg+xml 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crooked.com/wp-content/themes/crooked/images/icon-search-black.svg

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

54a893a296d8fb144e373e96bb024153be778793326eb6fd0505af1e8f6859c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 03:28:47 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:03:00 GMT
age: 1168452
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-9zft8
content-length: 182
x-served-by: cache-chi-kigq8000156-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:13 GMT
server: nginx
x-timer: S1708444981.520302,VS0,VE3
etag: W/"65c2c321-e8"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 01258d4c-c569-11ee-ab7a-76ac4c18a8e1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 2

GET
H2 200 GT-America-Standard-Black.woff2
crooked.com/wp-content/themes/crooked/webfonts/gtamerica/ 47 KB
47 KB 488ms
487ms Font
font/woff2 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/themes/crooked/webfonts/gtamerica/GT-America-Standard-Black.woff2

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a7fab6df5e373d581aa1510fa4aa5158207ffa670c5579b2555be05de91b2912

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
Origin: https://crooked.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 21:20:13 GMT
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-bdks7
age: 585767
x-cache: HIT, HIT
content-length: 48136
x-served-by: cache-chi-klot8100056-CHI, cache-bom4741-BOM
last-modified: Tue, 13 Feb 2024 08:35:32 GMT
server: nginx
x-timer: S1708444981.520267,VS0,VE5
etag: "65cb29d4-bc08"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: ad22e358-cab5-11ee-8806-46987ed7dc75
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 GT-America-Condensed-Black.woff2
crooked.com/wp-content/themes/crooked/webfonts/gtamerica/ 48 KB
48 KB 487ms
486ms Font
font/woff2 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/themes/crooked/webfonts/gtamerica/GT-America-Condensed-Black.woff2

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1d8f5dda481133c0f3bc7d26af8bfdc9e2f0ddcbfae575fdbb5a64b6463bc93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
Origin: https://crooked.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:06 GMT
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-jl44w
age: 1182114
x-cache: HIT, HIT
content-length: 49336
x-served-by: cache-chi-klot8100050-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:12 GMT
server: nginx
x-timer: S1708444981.520255,VS0,VE5
etag: "65c2c320-c0b8"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: 32884cdd-c549-11ee-bd57-82cd23673532
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 GT-America-Mono-Black.woff2
crooked.com/wp-content/themes/crooked/webfonts/gtamerica/ 36 KB
36 KB 488ms
487ms Font
font/woff2 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/themes/crooked/webfonts/gtamerica/GT-America-Mono-Black.woff2

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c449f94f280342ef65302fe67e6b196846f36e44d54a0b86702d769e33fa3811

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
Origin: https://crooked.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:06 GMT
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-a-7bd748dd7c-9h4cj
age: 1182113
x-cache: HIT, HIT
content-length: 36856
x-served-by: cache-chi-kigq8000136-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:15 GMT
server: nginx
x-timer: S1708444981.520215,VS0,VE4
etag: "65c2c323-8ff8"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: 3288034b-c549-11ee-bbaa-d6e33006396c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H2 200 GT-America-Standard-Regular.woff2
crooked.com/wp-content/themes/crooked/webfonts/gtamerica/ 45 KB
46 KB 488ms
488ms Font
font/woff2 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/themes/crooked/webfonts/gtamerica/GT-America-Standard-Regular.woff2

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1f5d0d0b267b8492e7c2cf4f1689340b2438fbd57eeb804db8f43cde171dff85

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
Origin: https://crooked.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:06 GMT
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-77zgl
age: 1182113
x-cache: HIT, HIT
content-length: 46584
x-served-by: cache-chi-klot8100064-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:13 GMT
server: nginx
x-timer: S1708444981.520169,VS0,VE9
etag: "65c2c321-b5f8"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: 3287ec45-c549-11ee-baea-7e10374d52f5
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 GT-America-Standard-Bold.woff2
crooked.com/wp-content/themes/crooked/webfonts/gtamerica/ 48 KB
48 KB 677ms
677ms Font
font/woff2 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/themes/crooked/webfonts/gtamerica/GT-America-Standard-Bold.woff2

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

51a0fee2532fa48195cd9405016a2bb36b6c6dbeb668c70236af64cff810bc74

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
Origin: https://crooked.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:06 GMT
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-a-7bd748dd7c-9h4cj
age: 1182113
x-cache: HIT, HIT
content-length: 49024
x-served-by: cache-chi-kigq8000124-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:12 GMT
server: nginx
x-timer: S1708444981.520123,VS0,VE24
etag: "65c2c320-bf80"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: 3289ea9f-c549-11ee-bbaa-d6e33006396c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 GT-America-Condensed-Black-Italic.woff2
crooked.com/wp-content/themes/crooked/webfonts/gtamerica/ 49 KB
50 KB 857ms
857ms Font
font/woff2 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-content/themes/crooked/webfonts/gtamerica/GT-America-Condensed-Black-Italic.woff2

Requested by

Host: crooked.com
URL: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4596ac226b50a4aaec75ca7e413eb5ea4cc165e931ce59d69653657816d8cf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://crooked.com/wp-content/themes/crooked/compiled/main.css?ver=1708290277
Origin: https://crooked.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:54:40 GMT
strict-transport-security: max-age=300
date: Tue, 20 Feb 2024 16:03:00 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-h94wf
age: 1181300
x-cache: HIT, MISS
content-length: 50524
x-served-by: cache-chi-klot8100169-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:12 GMT
server: nginx
x-timer: S1708444981.520094,VS0,VE256
etag: "65c2c320-c55c"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: 17de833e-c54b-11ee-b8ce-aaf665ccb80d
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 56ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KN0BF907JT&gtm=45je42e0v890773999z8832065299za200&_p=1708444979832&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1636451993.1708444980&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708444980&sct=1&seg=0&dl=https%3A%2F%2Fcrooked.com%2Fcrookedmediareads%2F&dt=Crooked%20Media%20Reads%20%7C%20Crooked%20Media&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1782
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KN0BF907JT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 16:03:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crooked.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 90ms
24ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=278976489405677&ev=PageView&dl=https%3A%2F%2Fcrooked.com%2Fcrookedmediareads%2F&rl=&if=false&ts=1708444980472&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1708444980471.2068440722&ler=empty&cdl=API_unavailable&it=1708444979965&coo=false&exp=e1&rqm=GET

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 20 Feb 2024 16:03:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 20 Feb 2024 16:51:58 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 32ms
32ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1534852222&t=pageview&_s=1&dl=https%3A%2F%2Fcrooked.com%2Fcrookedmediareads%2F&ul=en-us&de=UTF-8&dt=Crooked%20Media%20Reads%20%7C%20Crooked%20Media&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEIhAAAAACAAI~&jid=586388941&gjid=1304877928&cid=1636451993.1708444980&tid=UA-108072211-1&_gid=386765894.1708444980&_r=1&_slc=1&gtm=45He42e0n81KL749DHv832065299za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1536303133

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://crooked.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 16:03:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crooked.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 31ms
31ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1534852222&t=pageview&_s=1&dl=https%3A%2F%2Fcrooked.com%2Fcrookedmediareads%2F&ul=en-us&de=UTF-8&dt=Crooked%20Media%20Reads%20%7C%20Crooked%20Media&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEIhAAAAACAAI~&jid=1202930989&gjid=675150198&cid=1636451993.1708444980&tid=UA-108072211-1&_gid=386765894.1708444980&_r=1&z=2104152805

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://crooked.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 16:03:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crooked.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 73ms
25ms XHR
text/plain 2a00:1450:400c:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-108072211-1&cid=1636451993.1708444980&jid=586388941&gjid=1304877928&_gid=386765894.1708444980&_u=YADAAEIgAAAAACAAI~&z=98003670

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://crooked.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Feb 2024 16:03:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crooked.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 52ms
25ms XHR
text/plain 2a00:1450:400c:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-108072211-1&cid=1636451993.1708444980&jid=1202930989&gjid=675150198&_gid=386765894.1708444980&_u=aCDAAEIhAAAAACAAI~&z=718758794

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://crooked.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Feb 2024 16:03:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crooked.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTU3YmJkODI0MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 379 KB
103 KB 42ms
42ms Script
application/javascript 2.19.96.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.146 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id: 7a7926d
date: Tue, 20 Feb 2024 16:03:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024012520084764BCE36CCE0074700A85
x-tt-trace-id: 00-24012520084764BCE36CCE0074700A85-132BF365CD1D916D-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-19-96-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017228500c401e99051417dc717e08618e6d12fa25fe3e1685ceba67f3548a70fcbf1c39ddef25d47faed91a13499ea9a383355944cbb89a420dcd23ee709ce430cc57e34cdd9582e7df36fa7ca63c57a3b2f59f6a4d24095bdf2d98ea2f4ecc40
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 104393

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 35ms
35ms Script
application/javascript 2.19.96.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.146 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id: 7a792fd
date: Tue, 20 Feb 2024 16:03:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240123151538CB105E941C491498224C
x-tt-trace-id: 00-240123151538CB105E941C491498224C-1FABFF5BB1D8E736-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-96-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e83572f3e52186dc1c593befa1fab62db99c1f7153c437ec06474e07ee27c8d6bb4252a83cc74e0784f7094d3a20b41c80a3c99c7448c7993d6435b3d9e32c7b9f5e52308612f81020fc1a7b2241bf4aaea20881c32eda1b3eaaf4bd6e886b94
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
content-length: 37008

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
842 B 194ms
194ms Ping
text/plain 2.19.96.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.146 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://crooked.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5065018a.7a79345
date: Tue, 20 Feb 2024 16:03:00 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402201603009F1D854C6782D8580D7E-667F27CEE6D4BF46-00
x-cache: TCP_MISS from a2-19-96-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 149,2.19.96.142
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=63, inner; dur=60
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402201603009F1D854C6782D8580D7E
x-cache-remote: TCP_MISS from a23-220-106-82.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.1-54226592) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 63,23.220.106.82
x-tt-trace-host: 01b33b10dbdc09993e3947bd9c31ec43b6a4abd80246ceef9a65fc02445505230d7d4419c333b12313a707c6c92b5704104c2bdd59f8da53f736ee6c6055bcee8a5ec7df171937128547292abcf3d1778326f386b2e8b791408159f2b65690d7cee4bef41f7301d937a97030fa94ecc325
access-control-allow-headers: Authorization,*
expires: Tue, 20 Feb 2024 16:03:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
837 B 191ms
191ms Ping
text/plain 2.19.96.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.146 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://crooked.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d16863d.7a79496
date: Tue, 20 Feb 2024 16:03:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402201603010992D0EA14C8915F8526-0E0C4C63BD08F089-00
x-cache: TCP_MISS from a2-19-96-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 131,2.19.96.142
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=31, inner; dur=26
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402201603010992D0EA14C8915F8526
x-cache-remote: TCP_MISS from a23-48-249-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.48.249.142
x-tt-trace-host: 01b33b10dbdc09993e3947bd9c31ec43b6a4abd80246ceef9a65fc02445505230d33d8687a8b10b0aa1fe6ec91ad3a1ade943cb34c03a15146fcfb3353e6424861a465d9d38eb191b7d172bafd7ac8396a680d3faad07d23e070742e2d5eb7078341489731092ddfb2140e2fc47d57b511
access-control-allow-headers: Authorization,*
expires: Tue, 20 Feb 2024 16:03:01 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 298 KB
91 KB 229ms
164ms Script
application/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f180bd22855ecbcb04f5337542bb8006a4324a603d45371a1a69efab9cb13d88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:03:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPox0cgvGBbbB9Y-z5xB4UHOmL2zC8kdgwBClvKgkWb-AVmuWl_r6lg1PUOkPmNGDbJzqjdW32jxJQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Sun, 18 Feb 2024 20:00:36 GMT
server: cloudflare
etag: W/"bc27c41bba425f691c753fad5a258818"
vary: Accept-Encoding
x-goog-hash: crc32c=q1A1/A==, md5=vCfEG7pCX2kcdT+tWiWIGA==
x-goog-generation: 1708286436241314
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 305352
cf-ray: 8587fa2e4bb51cd2-AMS
expires: Wed, 19 Feb 2025 16:03:01 GMT

GET
H2 200 wp-emoji-release.min.js Show response
crooked.com/wp-includes/js/ 18 KB
6 KB 157ms
157ms Script
application/x-javascript 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://crooked.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/crookedmediareads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:41:04 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Feb 2024 16:03:01 GMT
age: 1182117
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-nc2tt
content-length: 5842
x-served-by: cache-chi-kigq8000087-CHI, cache-bom4741-BOM
last-modified: Tue, 06 Feb 2024 23:39:14 GMT
server: nginx
x-timer: S1708444981.487332,VS0,VE3
etag: W/"65c2c322-4904"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 3170fa6f-c549-11ee-a3bc-02b857e0357b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK embed.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 225 KB
73 KB 112ms
35ms Script
application/javascript 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 393a77e3774999cd29638b6c16f09a75ae76cd6d65c05e511aeb62a228868d58

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 05:21:31 GMT
Content-Encoding: gzip
Via: 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
Last-Modified: Sat, 17 Feb 2024 06:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 84317
x-amz-server-side-encryption: AES256
ETag: W/"a1d39ffa962a383aee6dbee18113a266"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 7HIIi4SVn9HlzOM1vCruWf3tRzH-88j5O25hhQT7Z26yBdbeUpCVuw==

GET
H2 200 form-settings Show response
mc.us19.list-manage.com/subscribe/ 13 KB
8 KB 171ms
69ms Script
application/json 95.101.44.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.us19.list-manage.com/subscribe/form-settings?u=8855a23519ab892dfe2cd34f6&id=baf4f2660e&f_id=undefined&u=8855a23519ab892dfe2cd34f6&id=baf4f2660e&c=dojo_request_script_callbacks.dojo_request_script0
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.44.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-44-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 00b3148ae7a70ce7852669e3f82fc62986fa248af06985c4f93fa6430d136e23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 20 Feb 2024 16:03:16 GMT
date: Tue, 20 Feb 2024 16:03:01 GMT
content-encoding: gzip
referrer-policy: same-origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=15
server-timing: cdn-cache; desc=HIT, edge; dur=27, origin; dur=0, ak_p; desc="1708444981625_3245104808_104845678_2670_11713_22_65_146";dur=1
content-length: 6339
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/crooked.com/ 163 B
700 B 202ms
141ms Fetch
application/json 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/crooked.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a9889804e48958b44fa6366c7af4d9ad6553baf512136f15017fa4773d8c180

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:03:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPrnN1FpJJcb4tmkmmArJgQ6nv_diciosUjn3x_CHm_fU_7GYB-rpIjU2Cg4vgxhjTBklDw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 08 Feb 2023 14:00:03 GMT
server: cloudflare
etag: W/"7b4dc1d233fea592ad5489d42e5658ad"
vary: Accept-Encoding
x-goog-hash: crc32c=TieTlg==, md5=e03B0jP+pZKtVInULlZYrQ==
x-goog-generation: 1675864803913371
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 163
cf-ray: 8587fa310899656a-AMS
expires: Wed, 19 Feb 2025 16:03:02 GMT

GET
H/1.1 200
OK popup.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dfe06572073337461503fc1b7220303df678803d/ 111 KB
33 KB 35ms
35ms Script
application/javascript 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dfe06572073337461503fc1b7220303df678803d/popup.js
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 537517c759eb27641b15b1c3ee08033606762a27a320faa3461017edd301e94f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 09:23:29 GMT
Content-Encoding: gzip
Via: 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Feb 2024 15:40:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 32437
x-amz-server-side-encryption: AES256
ETag: W/"affe45fde669a2dd8686a667caf1806b"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: qZ5ZczHoXqksq38Ui27hH-zhJ5_pdcI2UboFusHiiyOQClSNrYA9ww==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/ Frame 08E5 10 KB
3 KB 31ms
30ms Stylesheet
text/css 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2e0c4c047cdee9096c2d1642fc9a4192b82ca89c9e734953747d0cd51d4e6cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 08:41:25 GMT
Content-Encoding: gzip
Via: 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Feb 2024 15:40:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 42744
x-amz-server-side-encryption: AES256
ETag: W/"7172da3d9656cb6fc6a67cdecbf0788c"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: B82OEj5zUZ2ty-NM_R08RzbK7kH9lMlRRQ3lQPH3CZ8HPGnUFZhFng==

GET
H/1.1 200
OK banner.css
downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/ Frame 08E5 813 B
1 KB 65ms
34ms Stylesheet
text/css 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/banner.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 10:05:01 GMT
Via: 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Feb 2024 15:40:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 24051
x-amz-server-side-encryption: AES256
ETag: "03dc514068214f6d7d052c91c8492206"
Vary: Accept-Encoding, Origin
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 813
X-Amz-Cf-Id: u3h3IGsTk9mKEv10wB2TaQAXQjKOj2IL5NHr-P4w4zx4LnmI3s7zhg==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/ Frame 0204 10 KB
3 KB 84ms
30ms Stylesheet
text/css 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2e0c4c047cdee9096c2d1642fc9a4192b82ca89c9e734953747d0cd51d4e6cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 08:41:25 GMT
Content-Encoding: gzip
Via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Feb 2024 15:40:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 42744
x-amz-server-side-encryption: AES256
ETag: W/"7172da3d9656cb6fc6a67cdecbf0788c"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: wnsydU-yBy2U3vxPUdGtxmWXORhqvIjt5bHM65MtgaA-Y9nbblGVSw==

GET
H/1.1 200
OK layout-3.css
downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/ Frame 0204 1 KB
988 B 89ms
30ms Stylesheet
text/css 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/layout-3.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b88797b25b7281913df0c710d57987a27103c4dcf63a0deee70df2d4121b0c12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 07:41:43 GMT
Content-Encoding: gzip
Via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Feb 2024 15:40:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 30088
x-amz-server-side-encryption: AES256
ETag: W/"c50986087cba12ac62e2fc35a27df97b"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: FbFInUxtMT1exLCc_25QApYx03OVqtwmtlgChTshL5M7Weg1E2f-7w==

GET
H/1.1 200
OK modal.css
downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/ 3 KB
2 KB 90ms
31ms Stylesheet
text/css 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dfe06572073337461503fc1b7220303df678803d/modal.css
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68924b973ceb3199ea958031fc60bff8360083d87eb648568a53f0c808addf07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crooked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 11:27:49 GMT
Content-Encoding: gzip
Via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Feb 2024 15:40:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 17772
x-amz-server-side-encryption: AES256
ETag: W/"4ffd4d51a85e66c49e842005734dd999"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: qXe79SUpuMRBIXU04xR6nYR1Bi9XZdMtTl8rlpDSH0Gu1GYE-SYZAQ==

GET
H2 200 nr-spa-1.252.0.min.js Show response
js-agent.newrelic.com/ 88 KB
29 KB 69ms
20ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.252.0.min.js

Requested by

Host: crooked.com
URL: https://crooked.com/crookedmediareads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://crooked.com/
Origin: https://crooked.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: 1zTB_zIu9GsCJr9CnWa8NksGpEL6v25e
content-encoding: br
via: 1.1 varnish
date: Tue, 20 Feb 2024 16:03:02 GMT
strict-transport-security: max-age=300
x-amz-request-id: 1YA1KVNDMQ48XD67
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29571
x-amz-id-2: R40D4qbGga5a55P+ngkeJW2AGRcxAuQZ30gcemUu1JHp6hEi5adehL40cg0V0V2UQQtUhUfzm6Q=
x-served-by: cache-ams21051-AMS
last-modified: Tue, 13 Feb 2024 00:41:07 GMT
server: AmazonS3
x-timer: S1708444982.067506,VS0,VE0
etag: "1b4209d0ae18545976f7eb2c5f94d6b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 177919

POST
H/1.1 200 NRJS-10b2f70dbb89ada2d82 Show response
bam.nr-data.net/1/ 40 B
392 B 284ms
229ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-10b2f70dbb89ada2d82?a=1207621226&v=1.252.0&to=NlRUbEZWVxFRAhFRXA8ed1tAXlYMHwkQWh4RUFFd&rst=3418&ck=0&s=36fe6d26b82e5e2d&ref=https://crooked.com/crookedmediareads/&hr=0&af=err,xhr,stn,ins,spa&ap=867&be=1102&fe=2226&dc=1628&at=GhNXGg5MRB8%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1708444978682,%22n%22:0,%22f%22:351,%22dn%22:370,%22dne%22:370,%22c%22:370,%22s%22:523,%22ce%22:683,%22rq%22:683,%22rp%22:1102,%22rpe%22:1256,%22di%22:2730,%22ds%22:2730,%22de%22:2730,%22dc%22:3326,%22l%22:3327,%22le%22:3328%7D,%22navigation%22:%7B%7D%7D&fp=1671&fcp=1671
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ca742541d65d718402499ed1d84d003258ce2116562169b85744cf7d798485a

Request headers

Referer: https://crooked.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 20 Feb 2024 16:03:02 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://crooked.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-ams21020-AMS

POST
H/1.1 200 NRJS-10b2f70dbb89ada2d82 Show response
bam.nr-data.net/events/1/ 24 B
331 B 219ms
219ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-10b2f70dbb89ada2d82?a=1207621226&v=1.252.0&to=NlRUbEZWVxFRAhFRXA8ed1tAXlYMHwkQWh4RUFFd&rst=3710&ck=0&s=36fe6d26b82e5e2d&ref=https://crooked.com/crookedmediareads/&hr=0
Requested by: Host: crooked.com
URL: https://crooked.com/crookedmediareads/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://crooked.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 20 Feb 2024 16:03:02 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://crooked.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-ams21020-AMS

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crooked.com/	1970-01-21 04:10:04	Name: _ga_KN0BF907JT Value: GS1.1.1708444980.1.0.1708444980.0.0.0
.crooked.com/	1970-01-20 20:43:40	Name: _fbp Value: fb.1.1708444980471.2068440722
.crooked.com/	1970-01-21 04:10:04	Name: _ga Value: GA1.2.1636451993.1708444980
.crooked.com/	1970-01-20 18:35:31	Name: _gid Value: GA1.2.386765894.1708444980
.crooked.com/	1970-01-20 18:34:05	Name: _gat_UA-108072211-1 Value: 1
.crooked.com/	1970-01-20 18:34:05	Name: _gat Value: 1
.tiktok.com/	1970-01-21 03:55:40	Name: _ttp Value: 2cdcdCnEvfpQcZcNbeRafrRtJGN
.crooked.com/	1970-01-21 03:55:40	Name: _tt_enable_cookie Value: 1
.crooked.com/	1970-01-21 03:55:40	Name: _ttp Value: 1xV0-IX3AJDsJIun57YxBUth7Ul
.list-manage.com/	1970-01-21 03:19:40	Name: _abck Value: 478FE4DA873D9AB8DD5DC804E2C750F6~-1~YAAQqF5swSq9P8KNAQAA4plBxwujvcYBTYi8B0bU9CocPtke0nXMVYdKFfmEAS4/IgAO5xzBqzClb2lmt9gLvMm7GzOU06nrSykGQAOnDFo9Nb6KM1jS7HQIZiBxyaNrTLb7MFdKuBBrlf03dEpXFnvM107qF9v5J3oyumXKes9Ydr/qjw/oIkdbxNcQAcd2hz18Wtv/4gyeKRQZwavOrb5RG/W9g7RI8XtVJo+f+UvpSJ2ls841wh7AbqGaglRXsFc39TPABWnta5ZEam5KGxXiTa7IbpzvmnZWtBtUn03r3nlLIDf7iTh2eJzq0DpZ7c46aIoUjC37ax9yw4fHUgyc1ySRMRg+7HKunaGi/Y9Bi3u22Fh5mFPaXWemD95EDQ==~-1~-1~-1
.us19.list-manage.com/	1970-01-20 18:34:12	Name: ak_bmsc Value: D35F78886887468D1E4054EFEDB2612E~000000000000000000000000000000~YAAQqF5swSu9P8KNAQAA4plBxxZxDstjF2qsAnFiX9E+nCV02PCk5prK4K63X86XZdnI9/bny9kMCBohi9KHbqtM2qfpRhuFGWLkEuLHdqsxrXEoA4SqykwsWRiw7gL/7gPOM01toxSyY+ZCEYL82JynnwnQoAstLNndUSJ57fffV1C+59AgKhbwBbIbjGlcVbQHiWteWnMt6dw5G9ru3nuF6ZzlsW2jpoDWhV0ZvJn4rBLXJb9sDVCqPkaE6QnWwGejWaau3DTnDUbdd5JEPuG6CP86Jp4V+igfjfwXgxb62knTDCnsyLAqQ1v1xsMo4nffXgmlfYGynMIlE7eJUm+fy9WeVg2H6mccaWT/dPATxQAmJBK/sZhoOQiOhBTiKRu8WP3U1L7mBbkOFsOhBnGDfr0H
.list-manage.com/	1970-01-20 18:34:19	Name: bm_sz Value: C1FAD984E48FDFC5140A41E14C74372C~YAAQqF5swSy9P8KNAQAA4plBxxY0RvmqXwDeGoDca8TPEAVgKtNKRiX6heUkiFLXsfK7AGg0LGrePK9Dch1g4zMai8TSB9V8ReDyCotsTmZBeLYvVJdaDaA/l5EkDgTapgbYQIKGovefSQxNxeb0k4/IoX5Av+VJEY70XFDlTxubBMo8YhdKI7fcCYNOr0FxHlUbe37g96B+GHfeaMeare0bQEIssWm/DKckeKUfHCaBPSfpovKq8RgOVvyNP6g1NUhXiL6kSYN5O4hHqZ29SDw/Kvclq4lZz8xVMJI5K6qFsSxrBSL4vJyfb4tj7bruX+rpNXekqO0oMhyqPuDV/sE8C4A=~4539703~4469046

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/278976489405677?v=2.9.147&r=stable&domain=crooked.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://crooked.com/crookedmediareads/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://crooked.com/crookedmediareads/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://crooked.com/crookedmediareads/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://crooked.com/crookedmediareads/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://crooked.com/crookedmediareads/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://crooked.com/crookedmediareads/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://crooked.com/crookedmediareads/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://crooked.com/crookedmediareads/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
analytics.tiktok.com
bam.nr-data.net
boards.greenhouse.io
cdn.acsbapp.com
connect.facebook.net
crooked.com
crookedmediareads.com
downloads.mailchimp.com
js-agent.newrelic.com
mc.us19.list-manage.com
region1.google-analytics.com
res.cloudinary.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
151.101.130.137
162.247.243.29
18.66.192.31
2.19.96.146
2001:4860:4802:34::36
2606:4700:10::6816:1cc
2606:4700:10::6816:cc
2606:4700::6813:a641
2620:12a:8000::1
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:400c:c1f::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
54.226.91.99
95.101.44.28
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
00b3148ae7a70ce7852669e3f82fc62986fa248af06985c4f93fa6430d136e23
00f41ddec21a967b5f4695ba7fb6623604fb6654ea47bd4a94bd566471408adb
0469d873598ac622b32ecc0522b9ad7d194e771f8f3478510f4e1f725d0d34b2
049e85081d0e7f378727a5175517648e10724601b45793899f5eb3b534077a2d
05f4795c89c9f42e21e0e0fcef046a5348e8a54913f9285face1397c27f2552a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
164a44a952c426c99e148e18f6ecab47c1aa3bcc992aa39e7942202e1d1329d8
179667910358486f89822e5ac97e39bfe14f1ba016b33e909323226ebd1f257b
1d02bfd9cb11689fa61ed6140411c6880a486a431f2d5cb59a05c3de755bef6d
1d8f5dda481133c0f3bc7d26af8bfdc9e2f0ddcbfae575fdbb5a64b6463bc93d
1f042c5c26cabd45b5f074e853f1473e1549ddad40275f5209af73697e738055
1f5d0d0b267b8492e7c2cf4f1689340b2438fbd57eeb804db8f43cde171dff85
21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492
268b47ae5d91a57ee3af302a6b76ba61cd46ece6604482129d4668f52c1eb02d
2dd4ca741a94a782dc61d2f88d480f2bc2ea2a723f710af636323c10d794a0fd
362fe6cb1cc83ac67355b2b8d6d6e508283311a3d8c29fddbe4dcba69d663148
393a77e3774999cd29638b6c16f09a75ae76cd6d65c05e511aeb62a228868d58
3eafcc7f0192c4e0c2d420678c2db5f0e5066f9bc5aefc71d41cdd75e5624c94
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4596ac226b50a4aaec75ca7e413eb5ea4cc165e931ce59d69653657816d8cf2a
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51a0fee2532fa48195cd9405016a2bb36b6c6dbeb668c70236af64cff810bc74
537517c759eb27641b15b1c3ee08033606762a27a320faa3461017edd301e94f
54a893a296d8fb144e373e96bb024153be778793326eb6fd0505af1e8f6859c4
572554b91658dd0a4253626ab4d59f0b1d378cd1c90faa1ce16b3e3bd1e77bda
5ca742541d65d718402499ed1d84d003258ce2116562169b85744cf7d798485a
5f477d795b837a5e42372c8a0e652ce8ae04ebbeb70ecead0942dde532ee7e85
68924b973ceb3199ea958031fc60bff8360083d87eb648568a53f0c808addf07
6aa3424d9288133c9e90f11409d9790623b82e20145c53f7f0421d78809be0ad
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dabcad526fb659d75b723d7fa58f42c0ab463eab4ed84bc87a9d6bbed3ae856
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9a9889804e48958b44fa6366c7af4d9ad6553baf512136f15017fa4773d8c180
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7fab6df5e373d581aa1510fa4aa5158207ffa670c5579b2555be05de91b2912
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b88797b25b7281913df0c710d57987a27103c4dcf63a0deee70df2d4121b0c12
ba6688cbafdd6a56181c3e3107528e2555fbb2fa279ed44bfa8893c6bd6db6e6
c449f94f280342ef65302fe67e6b196846f36e44d54a0b86702d769e33fa3811
c7344c1bd0628ca5bf34acec777a9990a355e391974069bec5b22a10c1533f78
cae067a52d9d766ef04d0ad5e452087c0ad9a10c76a08f3e3ce889266dd2417e
d0c8cdaaba68ef9d690d3973386c24fc2037399fd8648058f83221e2b83dfe6d
dc62836001dad2396681aa3df04168bc2ce9229630658e1bf26847510f71c5ed
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2e0c4c047cdee9096c2d1642fc9a4192b82ca89c9e734953747d0cd51d4e6cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff
f180bd22855ecbcb04f5337542bb8006a4324a603d45371a1a69efab9cb13d88
f5d495c19fa8b489f862c098c5dd75a9de695e8ce1b726f678d1183faaa62c71

crooked.com Open in urlscan Pro 2620:12a:8000::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

65 %IPv6

15 Domains

17 Subdomains

17 IPs

3 Countries

10203 kBTransfer

18442 kBSize

12 Cookies

18 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

crooked.com Open in urlscan Pro
2620:12a:8000::1 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

65 %
IPv6

15
Domains

17
Subdomains

17
IPs

3
Countries

10203 kB
Transfer

18442 kB
Size

12
Cookies

58 HTTP transactions
0 data transactions